- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 42300
- Проверка EDB
-
- Пройдено
- Автор
- TEAM OWL337
- Тип уязвимости
- DOS
- Платформа
- LINUX
- CVE
- cve-2017-9936
- Дата публикации
- 2017-07-06
LibTIFF - 'tif_jbig.c' Denial of Service
Код:
Source: http://bugzilla.maptools.org/show_bug.cgi?id=2706
Triggered by “./tiff2ps $POC” or “./tiff2pdf $POC”
Triggered by “./tiff2ps $POC” or “./tiff2pdf $POC”
The asan debug information is below:
$./tiff2ps $POC
=================================================================
==26627==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 1792 byte(s) in 7 object(s) allocated from:
#0 0x7f7c4f1a19aa in malloc
(/usr/lib/x86_64-linux-gnu/libasan.so.2+0x989aa)
#1 0x7f7c4dca72fd (/usr/lib/x86_64-linux-gnu/libjbig.so.0+0x12fd)
#2 0x3ea (<unknown module>)
Indirect leak of 170491316224 byte(s) in 223 object(s) allocated from:
#0 0x7f7c4f1a19aa in malloc
(/usr/lib/x86_64-linux-gnu/libasan.so.2+0x989aa)
#1 0x7f7c4dca72fd (/usr/lib/x86_64-linux-gnu/libjbig.so.0+0x12fd)
#2 0x3ea (<unknown module>)
SUMMARY: AddressSanitizer: 170491318016 byte(s) leaked in 230 allocation(s).
Affected version:
<=the Latest version (4.0.8)
Credits:
This vulnerability is detected by team OWL337, with our custom fuzzer coll AFL.
Please contact ganshuitao@gmail.com and chaoz@tsinghua.edu.cn if you need more
info about the team, the tool or the vulnerability.
Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/42300.zip- Источник
- www.exploit-db.com
