IrfanView 4.33 Format PlugIn ECW Decompression Heap Overflow

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1047379 漏洞类型
发布时间 2012-06-02 更新时间 2012-06-02
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2012060011
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
Application:  IrfanView 4.33 Format PlugIn ECW Decompression Heap Overflow
 
Plateform:   Windows
 
Exploitation:   Remote code execution
 
Secunia Number:   SA49204 
 
{PRL}:   2012-10
 
Author:   Francis Provencher (Protek Research Lab's)
 
Website:   http://www.protekresearchlab.com/
 
Twitter:   @ProtekResearch
 
############
 
1) Introduction
2) Timeline
3) Technical details
4) PoC
 
 
#####################################################################################
 
===============
1) Introduction
===============
 
IrfanView is a freeware/shareware image viewer for Microsoft Windows that can view, edit, and convert image files
 
and play video/audio files. It is noted for its small size, speed, ease of use, and ability to handle a wide variety of graphic
 
file formats, and has some image creation and painting capabilities. The software was first released in 1996.
 
IrfanView is free for non-commercial use; commercial use requires paid registration.
 
###########
 
============
2) Timeline
============
 
 
2012-05-15 - Vulnerability reported to secunia
2012-05-31 - Coordinated public release of advisory
 
############
 
=================
3) Technical details
=================
 
The vulnerability is caused due to insufficient validation when decompressing an ECW images
 
and can be exploited to cause a heap-based buffer overflow via a specially crafted file.
 
#############
 
=============
4) The Code
=============
 
http://protekresearchlab.com/exploits/PRL-2012-10.ecw
http://www.exploit-db.com/sploits/18964.ecw