This is a vulnerability I discovered in PEiD v0.95, which is the latest version. The vulnerability was tested on Windows 7 and Windows XP. It's triggered when the PointerToRawData of the last section causes an integer overflow when subtracted from the file size.
which is implemented here
Here's pseudocode for what's going on:
which is implemented here
then later:
which is implemented here
If the file is accepted as a valid PE, then when scanning the last section, PEiD will crash:
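The arithmetic described at the top of this post, shown next to a checked form a PE parser can use before scanning any section. This is an added example, not PEiD's code and not from the original post; the 32-bit unsigned types, the `section_range` struct, the function names and the sample values are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for the two IMAGE_SECTION_HEADER fields involved. */
struct section_range {
    uint32_t pointer_to_raw_data;
    uint32_t size_of_raw_data;
};

/* Unchecked form (assumed 32-bit unsigned): when PointerToRawData lies past
 * the end of the file, the subtraction wraps to a huge "remaining" length. */
uint32_t remaining_unchecked(uint32_t file_size, uint32_t pointer_to_raw_data)
{
    return file_size - pointer_to_raw_data;
}

/* Checked form: compare first, subtract only when the pointer is in range. */
bool remaining_checked(uint32_t file_size, uint32_t pointer_to_raw_data,
                       uint32_t *out)
{
    if (pointer_to_raw_data > file_size)
        return false;
    *out = file_size - pointer_to_raw_data;
    return true;
}

/* Reject the file unless every section's raw range lies inside it. */
bool sections_fit_file(const struct section_range *s, size_t n,
                       uint32_t file_size)
{
    for (size_t i = 0; i < n; i++) {
        uint32_t room;
        if (!remaining_checked(file_size, s[i].pointer_to_raw_data, &room))
            return false;               /* section starts past end of file */
        if (s[i].size_of_raw_data > room)
            return false;               /* section runs past end of file */
    }
    return true;
}

int main(void)
{
    /* Constructed values: a 0x1000-byte file, last section at 0x2000. */
    struct section_range secs[] = { {0x400, 0x200}, {0x2000, 0x200} };
    printf("unchecked remaining: 0x%08x\n",
           (unsigned)remaining_unchecked(0x1000u, secs[1].pointer_to_raw_data));
    printf("sections fit file:   %d\n", sections_fit_file(secs, 2, 0x1000u));
    return 0;
}
```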