Full Disclosure mailing list archives
ResEdit Buffer Overflow Vulnerabilities
From: Walied Assar <waliedassar () gmail com>
Date: Thu, 24 May 2012 21:54:48 +0200
Product Link: http://www.resedit.net/ Affected version: 1.5.11-win32 Type of vulnerabilities: Buffer Overflow. For Further information: http://waleedassar.blogspot.com/2012/05/resedit-named-entries-two-buffer.html POCs: http://code.google.com/p/ollytlscatch/downloads/detail?name=ResEdit_POC1.exe http://code.google.com/p/ollytlscatch/downloads/detail?name=ResEdit_POC2.exe N.B. Not much efforts have been made into these POCs. They just crash the application but code execution is possible.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- ResEdit Buffer Overflow Vulnerabilities Walied Assar (May 24)