Subscribe via feed.

Avast Integer Overflow Verifying NumFonts In TTC Header

Posted by deepcore on December 15, 2015 – 9:17 pm

If the numFonts field in the TTC header is greater than (SIZE_MAX+1) / 4, an integer overflow occurs in filevirus_ttf() when calling CSafeGenFile::SafeLockBuffer.


This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.