Tag: fuzzing101 (2)

CVE Reproduction > Fuzzing libexif 0.6.14: Reproducing CVE-2009-3895 (Heap Buffer Overflow) and CVE-2012-2836 (Out-of-Bounds Read) (Draft)

CVE Reproduction > Reproducing and Patching CVE-2019-13288 - XPDF Infinite recursion & Null pointer dereference

Vulnerability: CVE-2019-13288 breaks Xpdf’s invariant that the “object stream” referenced by a compressed object must be an uncompressed stream, because the fetch path doesn’t enforce that rule and a crafted xref can make the supposed object stream itself compressed, causing unbounded recursive fetching and a crash.