Pan '.nzb' File Parsing Heap Overflow Vulnerability

info
discussion
exploit
solution
references

Pan '.nzb' File Parsing Heap Overflow Vulnerability

Pan is prone to a heap-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input. The vulnerability occurs when handling malformed '.nzb' files.

Successfully exploiting this issue allows attackers to execute arbitrary code with the privileges of a user running the application. Failed exploit attempts will result in a denial-of-service condition.