[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] ESET Smart Security LZH archive parsing PoC exploit

To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: [Full-disclosure] ESET Smart Security LZH archive parsing PoC exploit
From: "Oleksiuk Dmitry" <dmitry@xxxxxxxxxxx>
Date: Fri, 7 May 2010 19:04:56 +0400

Software: ESET Smart Security 4.2 and NOD32 Antivirus 4.2 (x32-x64)

Vendor status: notified/ignored

Tested on: Windows XP, Vista, 7 (x32 and x64)

Description: Scanning of malicious file causes heap corruption in context of
the service process (ekrn.exe). See Dr. Watson log (drwtsn32.log) for
details.

Code : http://www.esagelab.com/files/eset_lzh.zip

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: [Full-disclosure] [ANN] Pink's Tracing Library
Next by Date: [Full-disclosure] [ MDVSA-2010:093 ] mysql
Previous by thread: [Full-disclosure] [ANN] Pink's Tracing Library
Next by thread: [Full-disclosure] [ MDVSA-2010:093 ] mysql
Index(es):
- Date
- Thread