Full Disclosure mailing list archives
ESET Smart Security LZH archive parsing PoC exploit
From: "Oleksiuk Dmitry" <dmitry () esagelab ru>
Date: Fri, 7 May 2010 19:04:56 +0400
Software: ESET Smart Security 4.2 and NOD32 Antivirus 4.2 (x32-x64) Vendor status: notified/ignored Tested on: Windows XP, Vista, 7 (x32 and x64) Description: Scanning of malicious file causes heap corruption in context of the service process (ekrn.exe). See Dr. Watson log (drwtsn32.log) for details. Code : http://www.esagelab.com/files/eset_lzh.zip
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- ESET Smart Security LZH archive parsing PoC exploit Oleksiuk Dmitry (May 07)