Code:
TITLE:
PEiD Import Library Name Handling Buffer Overflow
SECUNIA ADVISORY ID:
SA13984
RELEASE DATE:
2005-01-28
VERIFY ADVISORY:
http://secunia.com/advisories/13984/
CRITICAL:
Moderately critical
WHERE:
From remote
IMPACT:
System access
SOFTWARE:
PEiD 0.x
DESCRIPTION:
A vulnerability has been reported in PEiD, which potentially can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a boundary error within the parsing of the PE (Portable Executable) import directory. This can be exploited to cause a buffer overflow via a specially crafted PE file containing overly long import library names.
Successful exploitation may allow execution of arbitrary code when a malicious PE file is opened.
SOLUTION:
Use another product.
Do not process untrusted files unless in a test environment.
REPORTED BY CREDITS:
Lord Yup
ORIGINAL ADVISORY:
iDEFENSE:
http://idefense.com/application/...?id=189&type=vulnerabilities
I Think This Bug Work's Only When I Connected To The Internet And i Use PEiD