<<< Date Index >>>     <<< Thread Index >>>

Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory



Hi all,

Just want to let you know that Sophos has updated their advisory:

http://www.sophos.com/support/knowledgebase/article/28407.html

To make things a bit more clear, it's a one byte overwrite in an
arbitrary location caused by an integer handling issue while parsing the
UPX file format.

The advisory at http://www.nruns.com/security_advisory.php will be
updated soon.

Cheers,
  Sergio