Posted by Berend-Jan Wever on Dec 16

Since November I have been releasing details on all vulnerabilities I
found that I have not released before. This is the 34th entry in the
series. This information is available in more detail on my blog at
http://blog.skylined.nl/20161216001.html. There you can find a repro
that triggered this issue in addition to the information below.

If you find these releases useful, and would like to help me make time
to continue releasing this kind of…