The previous posts of this blog series have been about stack based buffer overflows. With this post, I want to move on to bugs that involve dynamic memory management.
Since there are not that many publicly documented arbitrary free vulnerabilities in prominent software products, I thought it would be worth sharing this one.
The Transport Neutral Encapsulation Format (TNEF) is an email attachment format developed by Microsoft. It can be used to represent complicated messages and attachments, consisting of many different files and file types, as a flattened stream.
Article Link: https://landave.io/2017/08/f-secure-anti-virus-arbitrary-free-vulnerability-via-tnef/