Fergie's Tech Blog

GNU oSIP URI Parsing Heap Overflows

From SecuriTeam News article: "Two exploitable heap overflows were discovered by Beyond Security's automated and innovative vulnerability discovering tool, beSTORM. beSTORM quickly discovered two exploitable heap overflows in GNU oSIP, an open source library implementation of SIP. These heap overflows can be used to overwrite arbitrary heap content and modify the execution path of the program once the library tries to free the allocated heap memory."

posted by Fergie @ 4/17/2005 11:07:00 AM