CVE-2015-3205 Information

Description

libmimedir allows remote attackers to execute arbitrary code via a VCF file with two NULL bytes at the end of the file related to \free\ function calls in the \lexer’s memory clean-up procedure.\

Reference

http://packetstormsecurity.com/files/132257/Libmimedir-VCF-Memory-Corruption-Proof-Of-Concept.html http://www.securityfocus.com/bid/75147 https://www.exploit-db.com/exploits/37249/