[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] PE Explorer Heap Overflow Vulnerability

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] PE Explorer Heap Overflow Vulnerability
From: Walied Assar <waliedassar@xxxxxxxxx>
Date: Sat, 19 May 2012 05:09:34 +0200

 Product link: http://www.heaventools.com/PE_Explorer_disassembler.htm

Affected version: 1.99 R6.

Type of vulnerability: Heap Overflow.

For further information:
http://waleedassar.blogspot.com/2012/05/pe-explorer-heap-overflow-vulnerability.html

Proof of concept:
http://ollytlscatch.googlecode.com/files/PEExplorer_HO.exe

N.B. Not much efforts have been made into this POC. It just crashes the
application but code execution is possible.

Waliedassar

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: Re: [Full-disclosure] New Open Source Web Application Vulnerability Scanner Available
Next by Date: Re: [Full-disclosure] Google Accounts Security Vulnerability
Previous by thread: [Full-disclosure] php code reviewer(php source code auditing tool)
Next by thread: [Full-disclosure] Call for Papers: The 7th International Conference for Internet Technology and Secured Transactions (ICITST-2012)
Index(es):
- Date
- Thread