The PoC exploit for this issue is attached to this e-mail. It has been successfully tested under Microsoft Windows XP Professional (german, SP2). Remote attackers can bypass the SEH frames protection of the operating system by calling a POP/POP/RET sequence in the dynamic link libraries of the Panda Antivirus scanning engine. -FistFucker (aka FistFuXXer)
Attachment:
CAN-2005-4085_exploit.pl
Description: Binary data
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/