Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Skype 5.3.*.5.2.* Critical Pointer Vulnerability

From: Mario Vilas <mvilas () gmail com>
Date: Tue, 23 Aug 2011 01:06:03 +0200
Oh, and BTW...

--- Violation Exception Log ---
0:034> g
(f10.ed4): Unknown exception  (first chance)
(f10.ed4): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=c07ca54b ebx=a96959bc ecx=d8f10db2 edx=0000155f esi=d7263481 edi=3e294540
eip=25c50116 esp=37f91000 ebp=50601616 iopl=0         nv up ei pl nz na po nc
cs=0023  ss=002b  ds=002b  es=002b  fs=0053  gs=002b             efl=00010202
25c50116 cd01            int     1
0:000> !exchain
0018e8f8:
Skype+8be3a0 (00cbe3a0)


This doesn't look like an exploitable buffer overflow to me. I think
you just stumbled upon Skype's anti-debug measures.



On Tue, Aug 23, 2011 at 1:02 AM, Mario Vilas <mvilas () gmail com> wrote:


Perhaps you should post the contents of the advisory here as well. Many
people won't happily click on a link without any explanations.

On Mon, Aug 22, 2011 at 9:14 PM, Levent Kayan <levonkayan () gmx net> wrote:


hello,

http://vulnerability-lab.com/get_content.php?id=180


cheers,
noptrix

--
Name: Levent 'noptrix' Kayan
E-Mail: noptrix () lamergarten net
GPG key: 0x014652c0
Key fingerprint: ABEF 4B4B 5D93 32B8 D423 A623 823D 4162 0146 52C0
Homepage: http://www.noptrix.net/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/





--
“There's a reason we separate military and the police: one fights the enemy
of the state, the other serves and protects the people. When the military
becomes both, then the enemies of the state tend to become the people.”


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/





-- 
“There's a reason we separate military and the police: one fights the enemy
of the state, the other serves and protects the people. When the military
becomes both, then the enemies of the state tend to become the people.”

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: