SmidgeonSoft PEBrowse Remote Buffer Overflow Vulnerability
BID:22501
Info
SmidgeonSoft PEBrowse Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 22501 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-0879 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 09 2007 12:00AM |
| Updated: | May 12 2015 07:34PM |
| Credit: | beist <[email protected]> discovered this issue. |
| Vulnerable: |
SmidgeonSoft PEBrowse Professional 8.2.1 .0 |
| Not Vulnerable: |
SmidgeonSoft PEBrowse Professional 8.2.3 |
Discussion
SmidgeonSoft PEBrowse Remote Buffer Overflow Vulnerability
SmidgeonSoft PEBrowse is prone to a remote buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data contained in PE-formatted executable files.
Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the vulnerable application. Note that users normally expect to be able to use this application to safely analyze potentially malicious executables, so they may be operating under a false sense of security.
PEBrowse Professional version 8.2.1.0 is vulnerable to this issue; other versions may also be affected.
SmidgeonSoft PEBrowse is prone to a remote buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data contained in PE-formatted executable files.
Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the vulnerable application. Note that users normally expect to be able to use this application to safely analyze potentially malicious executables, so they may be operating under a false sense of security.
PEBrowse Professional version 8.2.1.0 is vulnerable to this issue; other versions may also be affected.
Exploit / POC
SmidgeonSoft PEBrowse Remote Buffer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
SmidgeonSoft PEBrowse Remote Buffer Overflow Vulnerability
Solution:
The vendor released an update to address this issue. Please see the references for more information.
Solution:
The vendor released an update to address this issue. Please see the references for more information.
References
SmidgeonSoft PEBrowse Remote Buffer Overflow Vulnerability
References:
References:
- PEBrowse Professional Product Page (SmidgeonSoft)
- PEBrowse Version 8.2.3 Release Information (SmidgeonSoft)