FYI
-------- Original Message --------
From: 3APA3A <[EMAIL PROTECTED]>
Reply-To: 3APA3A <[EMAIL PROTECTED]>
Organization: http://www.security.nnov.ru
To: [EMAIL PROTECTED]
Dear [EMAIL PROTECTED],
It looks like The Bat! uses libpng 1.0.5 and zlib 1.1.3 and is
vulnerable to very old buffer overflow and double free bugs. At least
it catches exception on http://www.security.nnov.ru/files/libpngbo.png
and thread is silently closed... There is no any visual effect, but
you can see it in debugger. The rest of The Bat! is written in Delphi.
Can anyone confirm if this is exploitable (I know nothing about
Borland compilers)?
--
http://www.security.nnov.ru
/\_/\
{ , . } |\
+--oQQo->{ ^ }<-----+ \
| ZARAZA U 3APA3A } You know my name - look up my number (The Beatles)
+-------------o66o--+ /
|/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
________________________________________________________
Current beta is 3.0.2.4 Rush | 'Using TBBETA' information:
http://www.silverstones.com/thebat/TBUDLInfo.html
IMPORTANT: To register as a Beta tester, use this link first -
http://www.ritlabs.com/en/partners/testers/