Hi 3APA3A, It was a mistake in the advisory, It should say: "Integer cast around in UPX packed files parsing" I ask for apologies for the mistake. Unfortunately we can't give more details about the vulnerability because the German Law (§202) Cheers, Sergio