OllyDbg Resource Directory Processing Integer Overflow
OllyDbg Resource Directory Processing Integer Overflow Vulnerability
Release Date : 2012-04-16
Criticality level : Less critical
Impact : System access
Where : From remote
Solution Status : Unpatched
Software: OllyDbg 1.x
Walied Assar has discovered a vulnerability in OllyDbg, which can be exploited by malicious people to potentially compromise a user's system.
The vulnerability is caused due to an integer overflow error when allocating memory based on the size of the resource directory entry. This can be exploited to cause a heap-based buffer overflow via a specially crafted Portable Executable (PE) file.
Successful exploitation may allow execution of arbitrary code, but requires tricking a user into opening a specially crafted file (does not require debugging it).
The vulnerability is confirmed in version 1.10. Other versions may also be affected.
Do not open files from untrusted sources.
Provided and/or discovered by: