Buffer overflows and erratic behavior in decompression routines and unpackers are nothing new really, but CERT-FI (Finland) still has added a nice twist by providing a library of "fuzzed" (deliberately and randomly wrong) archive format test files. www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html . The patches that F-Secure AV released earlier today seem to be related to this issue - but I frankly rather have my AV listed as "affected, patch available" than as "unknown".... |
Daniel 385 Posts ISC Handler Mar 18th 2008 |
Thread locked Subscribe |
Mar 18th 2008 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!