Buffer overflow in Hex-rays Ida

CVE-2011-1049

Buffer overflow in the Mach-O input file loader in Hex-Rays IDA Pro 5.7 and 6.0 allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Macho-O file.

Vulnerability class: Buffer Overflow

EPSS: 0.005 (67.1th percentile) — read the EPSS interpretation.

Affected products

Hex-rays Ida — versions 5.7, 6.0
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

cve@mitre.org (x_refsource_CONFIRM)
70846 (x_refsource_OSVDB, vdb-entry)
43190 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
ADV-2011-0357 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)