PEiD – Access Out of Boundary Memory Vulnerability

This is a vulnerability I discovered in PEiD v0.95, which is the latest version. It was tested on Windows 7 and Windows XP. It is triggered when subtracting the last section's PointerToRawData from the file size causes an integer overflow.

Here's pseudocode of what's going on:

 

which is implemented here

 

then later:

 

which is implemented here

 

If the file is accepted as a valid PE, PEiD will crash when scanning the last section:

 

A PoC file can be downloaded from here
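The wraparound described above and a bounds check that prevents it, as an added example (this is not PEiD's code or the pseudocode from the original post). The function names and sample values are constructed for illustration; the parameters mirror the `PointerToRawData` and `SizeOfRawData` fields of a PE section header.

```c
#include <stdint.h>
#include <stdio.h>

/* Unchecked form: unsigned subtraction wraps around when the section's
 * PointerToRawData is larger than the file size, yielding a huge length. */
static uint32_t remaining_unchecked(uint32_t file_size, uint32_t ptr_raw)
{
    return file_size - ptr_raw;
}

/* Checked form (hypothetical helper): returns 1 and stores how many bytes of
 * the section can safely be read from the file, or returns 0 when the raw
 * data offset lies beyond the end of the file. */
static int section_raw_bounds(uint32_t file_size, uint32_t ptr_raw,
                              uint32_t size_raw, uint32_t *usable)
{
    if (ptr_raw > file_size)
        return 0;                          /* offset is outside the file */

    uint32_t remaining = file_size - ptr_raw;   /* cannot wrap after the check */

    /* Clamp rather than trust SizeOfRawData: a scanner still wants to look at
     * truncated files, but must never read past the mapped file. */
    *usable = size_raw < remaining ? size_raw : remaining;
    return 1;
}

int main(void)
{
    /* Constructed values: a 0x1000-byte file whose last section claims
     * PointerToRawData = 0x2000. */
    uint32_t file_size = 0x1000, ptr_raw = 0x2000, size_raw = 0x200, usable = 0;

    printf("unchecked remaining: 0x%08X\n",
           (unsigned)remaining_unchecked(file_size, ptr_raw));

    if (!section_raw_bounds(file_size, ptr_raw, size_raw, &usable))
        printf("checked: section rejected, raw data starts past end of file\n");

    if (section_raw_bounds(file_size, 0x400, 0x2000, &usable))
        printf("checked: clamped readable size 0x%X\n", (unsigned)usable);
    return 0;
}
```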
