Talos has discovered a vulnerability in Oracles Outside In Technology Image Export SDK. The vulnerability is located in sub_B74EB0EE function in libvs_pdf.so. A malformed PDF file with many objects specified by the /Index entry can lead to a memory overwrite past the ends of the allocated buffer, overwriting adjacent heap chunks. A heap structure is being iterated over in 16 byte increments starting at the following code:.glyglyphic.text:B74EC5E6: eax, [esp+0AFCh+var_A38], 0.2: eax; edx, [edi-2:1: edi, [eax+10h]”]
Source: https://blog.talosintelligence.com/2016/04/oracle-oit-image-export-sdk-libvspdf.html