Could anyone please point me in the direction of a small c application that is known to be vulnerable to fuzzing(I will be fuzzing it using zzuf) that has the source code available and is easily installed on Ubuntu. Many Thanks
问问题
404 次
1 回答
1
您可以使用根据CVE-2012-1173易受多个整数溢出影响的libtiff 3.9.4(特别是),从而允许远程攻击者通过 TIFF 文件中精心设计的切片大小执行任意代码。tiff_getimage.c
于 2015-09-02T21:53:17.477 回答