Apply by doing:
	cd /usr/src
	patch -p0 < 010_exec.patch
And then rebuild your kernel.

Index: sys/compat/ibcs2/ibcs2_exec.c
===================================================================
RCS file: /cvs/src/sys/compat/ibcs2/ibcs2_exec.c,v
retrieving revision 1.14
diff -u -r1.14 ibcs2_exec.c
--- sys/compat/ibcs2/ibcs2_exec.c	2002/08/22 22:04:42	1.14
+++ sys/compat/ibcs2/ibcs2_exec.c	2003/11/03 22:02:04
@@ -616,6 +616,8 @@
 	struct xseg *xs;
 
 	/* read in segment table */
+	if (xep->xe_segsize > 16 * sizeof(*xs))
+		return (ENOEXEC);
 	xs = (struct xseg *)malloc(xep->xe_segsize, M_TEMP, M_WAITOK);
 	error = vn_rdwr(UIO_READ, epp->ep_vp, (caddr_t)xs,
 			xep->xe_segsize, xep->xe_segpos,
Index: sys/kern/exec_elf.c
===================================================================
RCS file: /cvs/src/sys/kern/exec_elf.c,v
retrieving revision 1.44
diff -u -r1.44 exec_elf.c
--- sys/kern/exec_elf.c	2003/02/18 03:54:40	1.44
+++ sys/kern/exec_elf.c	2003/11/03 22:02:05
@@ -786,6 +786,7 @@
 
 	for (ph = hph;  ph < &hph[eh->e_phnum]; ph++) {
 		if (ph->p_type != PT_NOTE ||
+		    ph->p_filesz > 1024 ||
 		    ph->p_filesz < sizeof(Elf_Note) + name_size)
 			continue;