subject:"\[Full\-disclosure\] \[CVE\-2013\-6356\] Avira Secure Backup v1.0.0.1 Multiple Registry Key Value Parsing Local Buffer Overflow Vulnerability"

Re: [Full-disclosure] [CVE-2013-6356] Avira Secure Backup v1.0.0.1 Multiple Registry Key Value Parsing Local Buffer Overflow Vulnerability

2013-11-17 Thread Julien Ahrens

>From a technical point of view, it's a vulnerability because you can gain control of EIP. The reason why a victim would probably import an arbitrary .reg file is the same as why he would use a .wav file from an untrusted source, which exploits a flaw in the installed .wav converter. If you can co

Re: [Full-disclosure] [CVE-2013-6356] Avira Secure Backup v1.0.0.1 Multiple Registry Key Value Parsing Local Buffer Overflow Vulnerability

2013-11-17 Thread Jann Horn

On Sat, Nov 16, 2013 at 03:23:07PM +0100, Julien Ahrens wrote: > A buffer overflow vulnerability has been identified in Avira Secure > Backup v1.0.0.1 Build 3616. > An attacker needs to force the victim to import an arbitrary .reg file > in order to exploit the vulnerability. Could you please ela

[Full-disclosure] [CVE-2013-6356] Avira Secure Backup v1.0.0.1 Multiple Registry Key Value Parsing Local Buffer Overflow Vulnerability

2013-11-16 Thread Julien Ahrens

RCE Security Advisory http://www.rcesecurity.com 1. ADVISORY INFORMATION --- Product:Avira Secure Backup Vendor URL: www.avira.com Type: Improper Restriction of Operations within the Bounds of a Memory Buffer [CWE-119] Date found: 2013-10-30 Date pu