Vulnerability research company eEye Security has released a free security vulnerability auditing tool that helps spotting possible integer overflow vulnerabilities.
The tool, called “UFuz3”, is a binary file fuzzer focused on finding integer overflow vulnerabilities. This tool can audit any application which loads a binary file such as Windows Media player, Microsoft Office etc.
Integer overflow vulnerabilities occur when an attempt is made to store a value greater than the maximum fixed size of an integer (32 bits). Integer overflows are dangerous if the calculation has to do with the size of a buffer, which usually leads to buffer overflows.
The tool can be downloaded here.