CVE-2005-0249

Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.

Date published : 2005-02-08

http://www.kb.cert.org/vuls/id/107822

http://www.symantec.com/avcenter/security/Content/2005.02.08.html