Full Disclosure mailing list archives

PE Explorer Heap Overflow Vulnerability

From: Walied Assar <waliedassar () gmail com>
Date: Sat, 19 May 2012 05:09:34 +0200

 Product link: http://www.heaventools.com/PE_Explorer_disassembler.htm

Affected version: 1.99 R6.

Type of vulnerability: Heap Overflow.

For further information:
http://waleedassar.blogspot.com/2012/05/pe-explorer-heap-overflow-vulnerability.html

Proof of concept:
http://ollytlscatch.googlecode.com/files/PEExplorer_HO.exe

N.B. Not much efforts have been made into this POC. It just crashes the
application but code execution is possible.

Waliedassar

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

PE Explorer Heap Overflow Vulnerability Walied Assar (May 20)