Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory

Hi all,

Just want to let you know that Sophos has updated their advisory:

To make things a bit more clear, it's a one byte overwrite in an
arbitrary location caused by an integer handling issue while parsing the
UPX file format.

The advisory at will be
updated soon.


Relevant Pages