3 matches found
CVE-2005-0249
Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header...
Immunity Canvas: NORTON_UPX
Name| nortonupx ---|--- CVE| CVE-2005-0249 Exploit Pack| CANVAS Description| nortonupx Notes| CVE Name: CVE-2005-0249 Found by: Alex Wheeler VENDOR: Symantec URL: http://xforce.iss.net/xforce/alerts/id/187 VersionsAffected: Any 2004 Repeatability: This is a one shot exploit, but the process won't...
CVE-2005-0249
Concretely affected: Symantec AntiVirus/Scan Engine DEC2EXE parsing engine (DEC2EXE.dll) used in the Symantec Antivirus Library. Issue: a heap-based buffer overflow caused by improper bounds checking when parsing UPX-compressed files, triggered by a crafted UPX file with a negative virtual offset...