Security-Protocols

eEye Digital Security researcher Yuji Ukai has released UFuz3 which is a very easy to use integer overflow file format fuzzer. Below is a description of UFuz3 from eEye:

UFuz3 is a binary file fuzzer focused on finding integer overflow vulnerabilities. This tool can audit any application which loads a binary file such as Windows Media player, Microsoft office, etc.

After the first five minutes of fuzzing Windows Media Player 11, I found two unique crashes. The only bummer your data file needs to be under 40kb.  You can download UFuz3 here…