mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-23 19:04:02 +02:00
0xMarcio
1.1 KiB
1.1 KiB
CVE-2010-2597
Description
The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image, related to "downsampled OJPEG input" and possibly related to a compiler optimization that triggers a divide-by-zero error.
POC
Reference
No PoCs from references.
Github
- https://github.com/Hwangtaewon/radamsa
- https://github.com/JulianDavis/radamsa
- https://github.com/StephenHaruna/RADAMSA
- https://github.com/marcostolosa/radamsa
- https://github.com/nqwang/radamsa
- https://github.com/sambacha/mirror-radamsa
- https://github.com/sunzu94/radamsa-Fuzzer
- https://github.com/vnc0/radamsa-ios