[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug-unrtf] out-of-bounds memory access in unrtf
|
From: |
Michal Zalewski |
|
Subject: |
[bug-unrtf] out-of-bounds memory access in unrtf |
|
Date: |
Mon, 24 Nov 2014 23:30:35 -0800 |
Looks like this package is no longer maintained, but reporting just
for posterity: there seems to be a bug that probably makes it
dangerous to convert untrusted RTFs:
$ echo '{\cb-999999999' >x
$ unrtf x
This leads to segv while accessing a pointer that is essentially
within attacker's control.
/mz
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [bug-unrtf] out-of-bounds memory access in unrtf,
Michal Zalewski <=