Infinite Loop Vulnerability in Miniz 2.0.7's tinfl_decompress Function

Infinite Loop Vulnerability in Miniz 2.0.7's tinfl_decompress Function

CVE-2018-12913 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

In Miniz 2.0.7, tinfl_decompress in miniz_tinfl.c has an infinite loop because sym2 and counter can both remain equal to zero.

Learn more about our Web Application Penetration Testing UK.