MSIE PNG zlib API misuse bug DoS

2014.08.05
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

Heh, look at windowscodecs!SPNGREAD::CbReadBytes. It doesn't handle Z_NEED_DICT so infinite loop in IE. Via @lcamtuf http://lcamtuf.coredump.cx/000082-000000-ck.png

References:

http://lcamtuf.coredump.cx/000082-000000-ck.png
https://twitter.com/taviso/status/484032144801398784
http://lcamtuf.blogspot.nl/2014/08/a-bit-more-about-american-fuzzy-lop.html
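
A defender-side check for the condition described above, as an added example that is not part of the original advisory or of any vendor code: a zlib stream whose RFC 1950 header has the FDICT bit set makes inflate() return Z_NEED_DICT, and PNG does not permit a preset dictionary in IDAT data, so such a file can be rejected before decoding. All function names are hypothetical, and the sample input is a constructed, deliberately incomplete chunk sequence (no IHDR).

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"

def zlib_wants_dict(stream: bytes) -> bool:
    """True if the RFC 1950 header sets FDICT, i.e. inflate() would return Z_NEED_DICT."""
    if len(stream) < 2:
        raise ValueError("truncated zlib header")
    cmf, flg = stream[0], stream[1]
    if cmf & 0x0F != 8 or (cmf << 8 | flg) % 31:
        raise ValueError("not a valid zlib/deflate header")
    return bool(flg & 0x20)  # bit 5 of FLG is FDICT

def iter_chunks(png: bytes):
    """Yield (type, data) per chunk; lengths are bounds-checked, CRCs are not verified."""
    if not png.startswith(PNG_SIG):
        raise ValueError("bad PNG signature")
    pos = len(PNG_SIG)
    while pos + 8 <= len(png):
        length, ctype = struct.unpack(">I4s", png[pos:pos + 8])
        end = pos + 8 + length
        if end + 4 > len(png):
            raise ValueError("chunk overruns file")
        yield ctype, png[pos + 8:end]
        pos = end + 4  # skip the 4-byte CRC

def png_idat_wants_dict(png: bytes) -> bool:
    """All IDAT payloads form one zlib stream; test that stream's header."""
    idat = b"".join(d for t, d in iter_chunks(png) if t == b"IDAT")
    return zlib_wants_dict(idat)

def inflate_or_reject(stream: bytes) -> bytes:
    """Decoder side: a dictionary request is a hard error, never a reason to retry."""
    try:
        return zlib.decompressobj().decompress(stream)
    except zlib.error as exc:  # Python surfaces Z_NEED_DICT as zlib.error
        raise ValueError(f"rejected stream: {exc}") from None

def make_chunk(ctype: bytes, data: bytes) -> bytes:
    crc = zlib.crc32(ctype + data)
    return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", crc)

def make_sample(zdict: bytes = b"") -> bytes:
    """Constructed test input: signature + IDAT + IEND only, not a complete image."""
    c = zlib.compressobj(zdict=zdict) if zdict else zlib.compressobj()
    body = c.compress(b"\x00" * 16) + c.flush()
    return PNG_SIG + make_chunk(b"IDAT", body) + make_chunk(b"IEND", b"")
```
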

