DataRescue IDA Pro Malformed PE File Remote Buffer Overflow Vulnerability
BID:12353
Info
DataRescue IDA Pro Malformed PE File Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 12353 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2005-0115 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 24 2005 12:00AM |
| Updated: | Jul 12 2009 10:06AM |
| Credit: | Discovery is credited to Lord Yup. |
| Vulnerable: |
DataRescue IDA Pro 4.7 DataRescue IDA Pro 4.6 SP1 |
| Not Vulnerable: | |
Discussion
DataRescue IDA Pro Malformed PE File Remote Buffer Overflow Vulnerability
IDA Pro is reported prone to a remote buffer overflow vulnerability. This issue may allow a remote attacker to execute arbitrary code on a vulnerable computer to gain unauthorized access.
An attacker can exploit this issue by crafting a PE file and enticing a user to process the file through IDA Pro.
A successful attack may facilitate unauthorized access to the affected computer.
IDA Pro 4.6 SP 1 and 4.7 running on both Windows and Linux platforms are reported vulnerable to this issue. It is possible that other versions are affected as well.
IDA Pro is reported prone to a remote buffer overflow vulnerability. This issue may allow a remote attacker to execute arbitrary code on a vulnerable computer to gain unauthorized access.
An attacker can exploit this issue by crafting a PE file and enticing a user to process the file through IDA Pro.
A successful attack may facilitate unauthorized access to the affected computer.
IDA Pro 4.6 SP 1 and 4.7 running on both Windows and Linux platforms are reported vulnerable to this issue. It is possible that other versions are affected as well.
Exploit / POC
DataRescue IDA Pro Malformed PE File Remote Buffer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
DataRescue IDA Pro Malformed PE File Remote Buffer Overflow Vulnerability
Solution:
The vendor has released a patch to address this issue.
DataRescue IDA Pro 4.6 SP1
DataRescue IDA Pro 4.7
Solution:
The vendor has released a patch to address this issue.
DataRescue IDA Pro 4.6 SP1
-
DataRescue ida47vfix.zip
http://www.datarescue.be/freefiles/ida47vfix.zip
DataRescue IDA Pro 4.7
-
DataRescue ida47vfix.zip
http://www.datarescue.be/freefiles/ida47vfix.zip
References
DataRescue IDA Pro Malformed PE File Remote Buffer Overflow Vulnerability
References:
References:
- IDA Product Page (Hex-Rays)
- DataRescue Interactive Disassembler Pro Buffer Overflow Vulnerability ("iDefense Customer Service"