Subscribe via feed.

Kaspersky Antivirus Yoda's Protector Unpacking Remote Memory Corruption

Posted by deepcore on October 14, 2015 – 10:25 am

The attached testcase was found by fuzzing packed PE files with Kaspersky Antivirus. The researcher suspects it was packed using “Yoda’s protector”. This vulnerability is obviously exploitable for remote code execution as NT AUTHORITYSYSTEM on all systems using Kaspersky Antivirus.


This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.


« »