Thursday, May 14, 2015

SITREP on Foxit fuzzing

Here comes the results of the half way through Foxit fuzzing (have to do a couple day pause, because there is some electricity work done nearby and I don't want to keep stuff running):

Total time: Around 1.5 weeks
Total number of crashes: 1699
Total number of testcases: ??? (when I was away, the main machine was shut down because of electricity works nearby, so I do have crash reports but not total number of tests done)
Unique crashe signatures: 23
Most probably not exploitable: 15 (NULL pointers and connected stuff)
Might be exploitable: 2 (one that seems to be arbitary write and one heap corruption)
No idea yet: 6 (some really strange crashes among them but some seem to be endless recursion type of stuff)


I also continued downloading new pdf files to test the predictions from last post. Have downloaded about 60K by now, need around 100K more.

No comments:

Post a Comment