Monday, 22 October 2007

[New Tool] OllyCallTrace

OllyCallTrace is a plugin for OllyDbg (version 1.10) that traces the call chain of a thread, allowing you to monitor it for irregularities. This aids in debugging stack-based buffer overflows and lets you quickly plot the execution flow of a program you are reversing.

OllyCallTrace Screenshot

You can download OllyCallTrace from here:

http://www.harmonysecurity.com/OllyCallTrace.html

Thursday, 11 October 2007

Kaspersky Web Scanner ActiveX Format String Vulnerability

iDefense has published an advisory for a high-risk vulnerability in the Kaspersky online virus scanner which was discovered by Stephen Fewer of Harmony Security. You can read the full iDefense advisory here:

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=606

And you can read the Kaspersky response here:

http://www.kaspersky.com/news?id=207575572