-
Recent Posts
Recent Comments
- strongcourage on Why I stopped fuzzing research
- Bob Friesenhahn on Why I stopped fuzzing research
- #gentoo dev: Why I stopped fuzzing research https://blogs.gentoo.or… | Dr. Roy Schestowitz (罗伊) on Why I stopped fuzzing research
- Ulya on Why I stopped fuzzing research
- ago on Install Gentoo in less than one minute
Archives
- February 2025
- July 2020
- April 2020
- March 2019
- October 2017
- September 2017
- August 2017
- July 2017
- June 2017
- May 2017
- April 2017
- March 2017
- February 2017
- January 2017
- December 2016
- November 2016
- October 2016
- September 2016
- August 2016
- July 2016
- February 2016
- July 2015
- August 2013
- June 2013
- May 2013
- January 2013
- December 2012
- November 2012
- October 2012
- August 2012
- July 2012
- June 2012
Categories
Meta
Monthly Archives: December 2016
graphicsmagick: memory allocation failure in MagickRealloc (memory.c)
Description: Graphicsmagick is an Image Processing System. This is an old memory failure, discovered time ago. The maintainer, Mr. Bob Friesenhahn was able to reproduce the issue; I’m quoting his feedback about: The problem is that the embedded JPEG data … Continue reading
Posted in advisories, security
1 Comment
libming: listswf: NULL pointer dereference in dumpBuffer (read.c)
Description: libming is a Flash (SWF) output library. It can be used from PHP, Perl, Ruby, Python, C, C++, Java, and probably more on the way.. A fuzzing revealed a null pointer access in listswf. The bug does not reside … Continue reading
Posted in advisories, security
Leave a comment
libming: listswf: heap-based buffer overflow in _iprintf (outputtxt.c)
Description: libming is a Flash (SWF) output library. It can be used from PHP, Perl, Ruby, Python, C, C++, Java, and probably more on the way.. A fuzzing revealed an overflow in listswf. The bug does not reside in any … Continue reading
Posted in advisories, security
Leave a comment
libming: listswf: heap-based buffer overflow in parseSWF_RGBA (parser.c)
Description: libming is a Flash (SWF) output library. It can be used from PHP, Perl, Ruby, Python, C, C++, Java, and probably more on the way.. A fuzzing revealed an overflow in listswf. The bug does not reside in any … Continue reading
Posted in advisories, security
Leave a comment
libming: listswf: heap-based buffer overflow in parseSWF_DEFINEFONT (parser.c)
Description: libming is a Flash (SWF) output library. It can be used from PHP, Perl, Ruby, Python, C, C++, Java, and probably more on the way.. A fuzzing revealed an overflow in listswf. The bug does not reside in any … Continue reading
Posted in advisories, security
Leave a comment
imagemagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h) (Incomplete fix for CVE-2016-9556)
Description: imagemagick is a software suite to create, edit, compose, or convert bitmap images. A fuzz on an updated version which includes the fix for CVE-2016-9556, revealed that the issue is still present. The complete ASan output: # identify $FILE … Continue reading
Posted in advisories, security
Leave a comment
libav: multiple crashes from the Undefined Behavior Sanitizer
Description: Libav is an open source set of tools for audio and video processing. A fuzzing on an updated stable releases with the Undefined Behavior Sanitizer enabled, revealed multiple crashes. At the date I’m releasing this post, upstream didn’t give … Continue reading
Posted in advisories, security
1 Comment