Could anyone please point me in the direction of a small c application that is known to be vulnerable to fuzzing(I will be fuzzing it using zzuf) that has the source code available and is easily installed on Ubuntu. Many Thanks
1 回答
1
您可以使用根据CVE-2012-1173易受多个整数溢出影响的libtiff 3.9.4(特别是),从而允许远程攻击者通过 TIFF 文件中精心设计的切片大小执行任意代码。tiff_getimage.c
于 2015-09-02T21:53:17.477 回答