Heap buffer overflow in ReadSFWImage #682
Comments
Thanks for the problem report. We can reproduce it and will have a patch to fix it in GIT master branch @ https://github.com/ImageMagick/ImageMagick later today. The patch will be available in the beta releases of ImageMagick @ https://www.imagemagick.org/download/beta/ by sometime tomorrow.
Please use CVE-2017-12983 for this issue. What method did you use to find this?
@fgeek Just use the fuzzing tool, AFL. And use someone else's testcase to fuzz it out.
@whiteHat001 Yes. AFL is known to me. I was just curious, and in the process I also want to give credit to the author of fuzzing (and similar) tools. Keep up the good work.
What are the parameters to run AFL to fuzz CVE-2017-12983?
zhihua.yao@dbappsecurity.com.cn
My platform is Ubuntu x86.
POC https://github.com/whiteHat001/FUZZ_POC/blob/master/heap-buffer-overflow_ReadSFWImage