twelveand0's Blog

August 17, 2018

Appendix for αDiff (ASE '18)

This page is a supplementary web page for the paper “αDiff: Cross-Version Binary Code Similarity Detection with DNN” (ASE '18). This page contains the model configuration details and our dataset link. ACM Reference Format: Bingchang Liu, Wei Huo, Chao Zhang, Wenchao Li, Feng Li, Aihua Piao, Wei Zou. 2018. αDiff: Cross-Version...

August 16, 2017

CVE-2017-11719 FFmpeg-3.3.2 Heap-Out-of-Bound-RW vulnerability due to programming errors in DNxHD decoder

Overview: I have found an out-of-bound-write/read vulnerability in DNxHD decoder with the help of AFL. The vulnerability is caused by the inconsistency between the intended access size and the buffer’s allocated size. The allocated size is (height * linesizes[0]), however, the access size is (mb_height * linesizes[0]). Arbitrary-address-write can be...

August 16, 2017

CVE-2017-11399 FFmpeg-3.3.2 Heap-Out-of-Bound-RW due to an integer overflow in APE decoder

Overview: A vulnerability in FFmpeg's latest version was found with the help of AFL. This is a heap-out-of-bound-write/read vulnerability due to an integer overflow in APE decoder. The same root cause can lead to many different crash points. It can cause Denial-of-Service and probably cause Remote-Code-Execution. Software & Environments: Software...
