Parsing bug of the week
March 14, 2013
Security software needs to do a lot of parsing to inspect files and network traffic for malware, so it’s not uncommon to see security software fall to parsing bugs—Wireshark is the example I’ve seen the most often.
Even “professional” security software sometimes contains parsing flaws. Kaspersky Internet Security 2013 is this week’s example. A single IPv6 packet triggers a parsing bug in its firewall that ends up completely freezing the OS.