Details released of overflow issue reported and patched.
BitDefender
and several security-watching sites have unveiled details of a serious overflow vulnerability in the parsing of packed PE files, first reported to the company in August and patched within a week.
The flaw, which could have been exploited by a maliciously crafted file to gain remote system access, was first alerted on by a security researcher on August 24th, and details were provided to
BitDefender
a few days later; the fix was released on August 29th, and no exploit is believed to have taken advantage of the issue.
BitDefender
‘s announcement of the events is
here
, while alerts are available from
Full-disclosure
and
Secunia
.
Posted on 18 December 2006 by
Virus Bulletin
Leave a Reply