CVEs-PoC/2017/CVE-2017-9935.md at 52f3262c8d52545fc4e20c2a38454fc446c51385

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-09 19:17:37 +02:00

Files

T

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can lead to an out-of-bounds read in TIFFCleanup, an invalid free in TIFFClose or t2p_free, memory corruption in t2p_readwrite_pdf_image, or a double free in t2p_free. Given these possibilities, it probably could cause arbitrary code execution.

POC

Reference

http://bugzilla.maptools.org/show_bug.cgi?id=2704
http://bugzilla.maptools.org/show_bug.cgi?id=2704
https://usn.ubuntu.com/3606-1/
https://usn.ubuntu.com/3606-1/

Github

https://github.com/project-zot/project-zot.github.io
https://github.com/project-zot/zot

1.1 KiB Raw Blame History

CVE-2017-9935

Description

POC

Reference

Github

1.1 KiB

Raw Blame History