Symantec Multiple Products UPX Parsing Engine Buffer Overflow

Discussion in 'other security issues & news' started by ronjor, Feb 9, 2005.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,722
    Location:
    Texas
    Highly critical

    Secunia
     
  2. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    The Netherlands
    Symantec UPX Parsing Engine Heap Overflow

    The vulnerable component fails to do proper bounds checks when analyzing certain container files for virus content. An attacker sending a specifically crafted UPX file could potentially compromise the targeted system.

    (A lot) more info and fixes:
    http://www.symantec.com/avcenter/security/Content/2005.02.08.html
     
  3. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,722
    Location:
    Texas
    Symantec Patches High-Risk Vulnerability

    eweek
     
Loading...
Thread Status:
Not open for further replies.