ESET NOD32 Heap Overflow

Posted by deepcore on March 5, 2016 – 11:24 am

ESET NOD32 is affected by a heap overflow vulnerability while unpacking EPOC installation files. By creating a file record with type SIS_FILE_MULTILANG (meaning a different file is provided for every supported language), and then claiming to support a very large number of languages, a 16-bit calculation overflows. This leads to a nice clean heap overflow.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« Avast Authenticode Parsing Memory Corruption [papers] – Metaphor – A (real) real-life Stagefright exploit »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

ESET NOD32 Heap Overflow

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL