Re: [Full-disclosure] n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory

From: Sergio Alvarez <sergio.alvarez_at_nospam>
Date: Mon Aug 27 2007 - 20:41:50 GMT
To: 3APA3A <3APA3A@SECURITY.NNOV.RU>

Hi 3APA3A,

It was a mistake in the advisory,
It should say:

"Integer cast around in UPX packed files parsing"

I ask for apologies for the mistake.
Unfortunately we can't give more details about the vulnerability because the German Law (§202)

Cheers,
Sergio

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]