2 matches found
Heap-based Buffer Overflow in vim/vim
✍️ Description While testing vim built from commit ddfc051 with Ubuntu clang version 12.0.0-3ubuntu120.04.3 and Address Sanitizer, we discovered crafted input which triggers a heap-buffer-overflow, READ of size 1. 🕵️♂️ Proof of Concept 1. git clone https://github.com/vim/vim LD=lld AS=llvm-as...
UBUNTU-CVE-2017-2870
An exploitable integer overflow vulnerability exists in the tiffimageparse functionality of Gdk-Pixbuf 2.36.6 when compiled with Clang. A specially crafted tiff file can cause a heap-overflow resulting in remote code execution. An attacker can send a file or a URL to trigger this vulnerability...