Wednesday, December 27, 2006

Flawed antivirus products

A load of new issues related to AV products have been published during the current month. Apparently fuzzing is becoming quite popular nowadays, as almost every issue is related to a file format parsing flaw:

AV engines are definitely a hot target for fuzzing. They are supposed to handle many different archive and executable formats, and that's a great source of security issues (most commonly integer overflows, heap-based buffer overflows and even some good old stack smashing fun).
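To make the integer-overflow-into-heap-overflow pattern concrete, here is an added example (not code from this post or from any AV product) showing the flawed size calculation beside a checked one. The "TOYA" archive layout, the function names and the sample buffers are all constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical toy archive header (constructed, not a real format):
 *   bytes 0-3  magic "TOYA"
 *   bytes 4-7  entry count, little-endian uint32
 *   then `count` entry records of ENTRY_SIZE bytes each */
#define ENTRY_SIZE 16u
#define HDR_SIZE   8u

/* Constructed samples: a count chosen so count * 16 wraps, and a sane file. */
static const uint8_t SAMPLE_WRAP[8] = {'T','O','Y','A', 0x01, 0x00, 0x00, 0x10};
static const uint8_t SAMPLE_OK[40]  = {'T','O','Y','A', 2, 0, 0, 0};

static uint32_t rd_le32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Flawed pattern: the 32-bit multiply wraps modulo 2^32, so the size that
 * would be passed to malloc() can be far smaller than the data the entry
 * loop later copies. Only the size is computed here; nothing is allocated. */
uint32_t alloc_size_unchecked(const uint8_t *hdr) {
    uint32_t count = rd_le32(hdr + 4);
    return count * ENTRY_SIZE;
}

/* Hardened pattern: check the magic, then bound the attacker-controlled
 * count by what the file can actually hold. Using division avoids any
 * overflowing multiply. Returns 0 and sets *out, or -1 on rejection. */
int alloc_size_checked(const uint8_t *buf, size_t len, size_t *out) {
    if (len < HDR_SIZE || memcmp(buf, "TOYA", 4) != 0) return -1;
    uint32_t count = rd_le32(buf + 4);
    if (count > (len - HDR_SIZE) / ENTRY_SIZE) return -1;
    *out = (size_t)count * ENTRY_SIZE;
    return 0;
}

int main(void) {
    size_t n = 0;
    printf("count=0x%08x unchecked alloc=%u bytes\n",
           (unsigned)rd_le32(SAMPLE_WRAP + 4),
           (unsigned)alloc_size_unchecked(SAMPLE_WRAP));
    printf("checked(wrap)=%d\n", alloc_size_checked(SAMPLE_WRAP, sizeof SAMPLE_WRAP, &n));
    printf("checked(ok)=%d size=%zu\n", alloc_size_checked(SAMPLE_OK, sizeof SAMPLE_OK, &n), n);
    return 0;
}
```

Bounding every length or count field by the bytes remaining in the input is the check a fuzzer most often finds missing in format parsers.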