OSVDB ID: 13163

Title: Multiple Vendor Portable Executable Import Directory Library Name Overflow

Info

Disclosure

Jan 24, 2005

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

A remote overflow exists in IDA PRO. IDA PRO fails to perform proper bounds checking within the Portable Executable import directory library resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

Location: Remote/Network Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Unavailable
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Datarescue has released a patch to address this vulnerability.

Products

Data Rescue	IDA PRO	4.6 SP1
		4.7

PEiD

0.92

References

Security Tracker: 1012975
Secunia Advisory ID: 13980 13984
CVE ID: 2005-0115 (see also: NVD) 2005-0140 (see also: NVD)
Vendor URL: http://peid.has.it/
http://www.datarescue.com/idabase/
Vendor Specific Advisory URL: http://www.datarescue.com/ubb/ultimatebb.php?/topic/2/146.html
Other Advisory URL: http://www.idefense.com/application/poi/display?id=189&type=vulnerabilities

Credit

Lord YuP - loperhushmail.com - sec-labs team

Direct URL: http://osvdb.org/36218

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Data Rescue

IDA PRO

PEiD

PEiD

References

Credit