0xdd96
# Describe the bug SEGV on unknown address still exists in Assimp::XFileImporter::CreateMeshes. ***This is similar to issue https://github.com/assimp/assimp/issues/1728. Note that #1728 reported wrong type of the vulnerability, as it is...
# Vulnerability description **version:** Bento4-1.6.0-639 **command:** ./mp42aac $POC /dev/null **Download:** [poc](https://github.com/0xdd96/PoC/raw/main/Bento4/AP4_SgpdAtom::AP4_SgpdAtom-out-of-memory) Here is the trace reported by ASAN: ``` $ mp42aac poc /dev/null AddressSanitizer: Out of memory. The process has...
# Vulnerability description version: [0.12.4.4608](https://github.com/LibreDWG/libredwg/releases/tag/0.12.4.4608) & latest commit [f2dea29](https://github.com/LibreDWG/libredwg/commit/f2dea296a0a3bb16afdae8d2ca16749a617a4383) poc: [poc](https://github.com/0xdd96/PoC/raw/main/libredwg/UAF-bit_copy_chain) command: ./dwgrewrite poc **_This is similar to issue #364 and others, but it seems that the patch https://github.com/LibreDWG/libredwg/commit/e95cc1eea8744c40e298208679eda14039b9b5d3 has...
**version**: master (commit 006bbf5) **poc**: [poc](https://github.com/dandanxu96/PoC/blob/main/libsass/libsass-SEGV-on-unknown-address-poc) **command**: ./tester $poc$ Here is the trace reported by ASAN: ``` root:/path_to_libsass# ./tester poc AddressSanitizer:DEADLYSIGNAL ================================================================= ==28897==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc...
**version**: master (commit [caade60](https://github.com/rockcarry/ffjpeg/commit/caade60a69633d74100bd3c2528bddee0b6a1291)) **poc**: [poc](https://github.com/dandanxu96/PoC/blob/main/ffjpeg/ffjpeg-bmp_load-integer-overflow) **command**: ./ffjpeg -e $poc$ Here is the trace reported by ASAN: ``` user@c3ae4d510abb:/path_to_ffjpeg/src$ ./ffjpeg -e poc ================================================================= ==17827==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x612000000148 at...
version: master (commit [caade60](https://github.com/rockcarry/ffjpeg/commit/caade60a69633d74100bd3c2528bddee0b6a1291)) poc: [poc](https://github.com/dandanxu96/PoC/blob/main/ffjpeg/ffjpeg-jfif_load-buffer-overflow) command: ./ffjpeg -d $poc$ Here is the backtrace in GDB: ``` pwndbg> backtrace #0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50 #1 0x00007ffff73bd859 in __GI_abort () at...
Add bounds check for issue #50
Hello, I would like to ask you about the exploit of CVE-2017-17053. I ran the exp for one night, but it still didn't stop, so I didn't analyze the exploit...
I discovered a [null pointer dereference](https://github.com/libsixel/libsixel/issues/73) vulnerability in the [stb_image.h](https://github.com/libsixel/libsixel/blob/490ec15087e37d8e1395e4dbfb99fc543c5bae5d/src/stb_image.h#L6446-L6458) of libsixel, which also exists in this project. Specifically, if the `stbi__pic_load_core` function returns 0 (line 6528), `result` will be...