Integer Overflow in Hex-Rays IDA Pro Product Line
CVE-2011-1051

Currently unrated

Key Information:

Vendor: Hex-rays
Status: Ida
Vendor: CVE Published:; 21 February 2011

Summary

The vulnerability arises from an integer overflow in the COFF/EPOC/EXPLOAD input file loaders within Hex-Rays IDA Pro versions 5.7 and 6.0. This flaw could lead to unpredictable memory allocation behaviors, potentially enabling attackers to exploit the system. Without proper validation of integer values during file loading processes, there is a risk of compromising application stability and security. Users of the affected versions should exercise caution and monitor for potential updates or patches from Hex-Rays to mitigate any associated risks.

References

https://www.hex-rays.com/vulnfix.shtml

x_refsource_CONFIRM

http://www.securityfocus.com/bid/46525

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/65561

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Feb 21, 2011
Vulnerability Reserved
Feb 21, 2011