ZDI-07-040: Symantec AntiVirus Engine CAB Parsing Heap Overflow

Board: Bugtraq, Time: 2007/07/24 11:02
Article code (AID): #16fMlT00 (Bugtraq)