What is the cause of the vulnerability? (i.e. what is the fundamental bug in the code that causes it)?
You should be very specific (e.g. if it’s a buffer overflow, explain what the specific error with the use of
buffer is, and how the given input file triggers this error).
Where does the vulnerability take place (i.e. wherein the code of the target is it located)? Please
specify the source file and line number, as well as any other functions that are relevant to creating
the conditions of the bug.
How exploitable is this vulnerability? Does it just crash the program, or can the attacker take
advantage of it to do more things (inject shellcode, corrupt metadata used by memory management,
etc.)? What would an attacker need to do in order to exploit?
How would you fix this vulnerability? (i.e. how would you modify the specific code of the program to
prevent this vulnerability?)