CFF Explorer 7.9 & Secunia

Today I’ve received a Secunia report email about a buffer overflow vulnerability in the CFF Explorer. I was quite amused =). I mean, I usually get emails sent me by users about bugs in the CFF, never got an email by Secunia before.

However, it’s always good to get bug reports. The bug itself was related to a string overflow in the resource editor. I put string safe functions quite some time ago in the old kernel of the CFF, but apparently I missed one.

So, since I had already the project open to fix this bug, I also added support for .NET unoptimized metadata streams. Which is the most important new feature in this release.

6 thoughts on “CFF Explorer 7.9 & Secunia”

  1. Hello!
    It seems like i found another little bug. I’ve discovered that your CFF Explorer (very good proggie) doesn’t like files with virtual sections (i.e. with zero Raw Size) – it get confused and makes mistakes when shows section names where located Export Directory RVA, Import Directory RVA and so forth. Also, it fills Raw Size with Virtual Size value (instead of keeping it zero) while rebuild file with Rebuilder.

  2. Hello, could you please confirm which versions of Windows your programs can run on, and whether they require any frameworks/packages? Particularly the Explorer Suite and the PE Detective programs. Thanks!

  3. Hi Daniel,

    You are doing a great job!. I am a new user of CFF Explorer. I just want to ask you if this tool is just for Windows or it can be used for Linux as well. Thank you!

Leave a Reply

Your email address will not be published. Required fields are marked *