Free Republic
Browse · Search 		News/Activism
Topics · Post Article

To: ShadowAce

Yet Another Buffer Overflow Bug.


47 posted on 01/16/2006 2:00:54 PM PST by The Red Zone
[ Post Reply | Private Reply | To 1 | View Replies ]

To: The Red Zone
No - doesn't look like a buffer overflow bug to me.

A buffer overflow bug overwrites executable code or call stack saved registers, that will be executed or restored innocently at a later time.

This flaw seems to have an added, intentional, CALL instruction, into metadata in a file that should not have any executable instructions.

Very different. No flawed buffer arithmetic. Not the faking out of a legitimate call or jump with bad data, but the intentional call into a place that no one would have expect to have machine instructions.

48 posted on 01/16/2006 2:17:46 PM PST by ThePythonicCow (The distrust of authority is a deeply destructive force in the hands of evil men.)
[ Post Reply | Private Reply | To 47 | View Replies ]
To: The Red Zone
Yet Another Buffer Overflow Bug.

Gibson has stated that the WMF vulnerability is not a buffer overflow bug.

51 posted on 01/16/2006 2:39:12 PM PST by TChad
[ Post Reply | Private Reply | To 47 | View Replies ]

Free Republic
Browse · Search 		News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson