CVE-2005-0249 - Converging Sob

Description

Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.

Reference

http://xforce.iss.net/xforce/alerts/id/187 http://www.symantec.com/avcenter/security/Content/2005.02.08.html http://www.kb.cert.org/vuls/id/107822 http://securitytracker.com/id?1013133 https://exchange.xforce.ibmcloud.com/vulnerabilities/18869