CVE-2017-20225

Description

TiEmu 2.08 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting inadequate boundary checks on user-supplied input. Attackers can trigger the overflow through command-line arguments passed to the application, leveraging ROP gadgets to bypass protections and execute shellcode in the application context.

References

• http://lpg.ticalc.org/prj_tiemu/
• https://www.exploit-db.com/exploits/42087
• https://www.vulncheck.com/advisories/tiemu-stack-based-buffer-overflow-vulnerability