Heap Memory Corruption due to logical bugs in memory management. Hex-Rays SA HexRaysSA We are a hi-tech company focusing on binary software analysis.Multiple (4) instances of Heap Buffer Overflows due to integer problems. Because we know that one second of insight still beats hundred years of processing time, the IDA Disassembler offers as much interactivity as is possible.Heap Buffer Overflow due to Integer Overflow.4-Byte Heap Buffer Overflow due to an Off-By-One in bounds checking.Heap Memory Corruption due to Integer Underflow.Below you will find the original reports I sent to the vendor in September:
Ucieczka z Matrixa: (nie)bezpieczna analiza malware (3.85 MB, PDF)Ī part of the presentation was dedicated to multiple memory corruption Hex-Rays IDA Pro vulnerabilities I discovered earlier this year (see the product Changelog). While the talk was prepared entirely in Polish, most of the slides should be easily understandable by English speakers, and Google Translate works pretty well, so I decided to share them here anyway: The presentation was lightly technical and concerned the different threats of using popular software to aid in interacting with and analyzing malware samples. “Escaping the Matrix: (in)secure malware analysis”). Yesterday I gave a talk at a Polish security conference held in Warsaw, Poland, called “Ucieczka z Matrixa: (nie)bezpieczna analiza malware” (eng.
0 kommentar(er)
