XnView - '.ECW' Image Processing Heap Overflow

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1063861 漏洞类型
发布时间 2012-06-16 更新时间 2012-06-16
CVE编号 N/A CNNVD-ID N/A
漏洞平台 Windows CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/19182
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
#####################################################################################

Application:   XnView ECW Image Processing Heap Overflow
Platforms:   Windows 

Secunia:   SA49091  

{PRL}:   2012-13

Author:   Francis Provencher (Protek Research Lab's) 

Website:   http://www.protekresearchlab.com/

Twitter:   @ProtekResearch


#####################################################################################

1) Introduction
2) Report Timeline
3) Technical details
4) The Code


#####################################################################################

===============
1) Introduction
===============
XnView is a cross-platform image viewer used for viewing, converting, organising and editing graphical & video files.
It is free of charge for private, educational and non-profit organisations. For commercial use and distribution,
the user must register the program. It is popular with users as it provides features normally found only
in commercial image viewers.

(http://en.wikipedia.org/wiki/XnView)

#####################################################################################

============================
2) Report Timeline
============================

2012-05-15  Vulnerability reported to Secunia
2012-06-15  Vendor disclose patch


#####################################################################################

============================
3) Technical details
============================
A boundary error in the NCSEcw.dll module when decompressing Enhanced
Compressed Wavelet images can be exploited to cause a heap-based buffer
overflow via a specially crafted ECW file.

#####################################################################################

===========
4) The Code
===========

http://www.protekresearchlab.com/exploits/PRL-2012-13.ecw
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/19182.ecw