-
Fabian Beterke - 15 Nov 2019
Prince of the Honeycomb
A critical heap-buffer overflow vulnerability was discovered in Prince XML, a PDF conversion tool used by the Honeycomb application. The vulnerability was found through fuzzing and binary analysis of TIFF image parsing code. By crafting a malicious TIFF file, an attacker could potentially achieve remote command execution when processing specially crafted image files.