LizardTech DjVu浏览器插件多个缓冲区溢出漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1191659 漏洞类型 缓冲区溢出
发布时间 2007-02-15 更新时间 2007-02-15
CVE编号 CVE-2007-0324 CNNVD-ID CNNVD-200702-330
漏洞平台 N/A CVSS评分 7.5
|漏洞来源
https://www.securityfocus.com/bid/22569
https://cxsecurity.com/issue/WLB-2007020062
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200702-330
|漏洞详情
LizardTechDjVu浏览器插件6.1.1版本之前的版本中存在多个缓冲区溢出。远程攻击者可以借助未明向量,执行任意代码。
|漏洞EXP
========================================================================

= Lizardtech DjVu Browser Plug-in - Multiple Vulnerabilities
=
= Vendor Website: 
= http://www.lizardtech.com/
=
= Affected Version:
=    Windows DjVu Browser Plug-in < 6.1.1
=
= Public disclosure on February 15th 2007
========================================================================

== Overview ==

The DjVu Browser Plug-in is the primary means of viewing DjVu documents.

It runs inside most modern browsers including IE, Firefox and Safari.

Versions prior to 6.1.1 are vulnerable to buffer overflows through
various functions. One such example is through the ExportImageAs method.

It should be noted that CERT contacted Lizardtech at about the same time

as we did, advising of numerous overflow problems as well. These have
also been addressed by this update.

== Solutions ==

- Upgrade to version 6.1.1 from the lizardtech website
	http://www.lizardtech.com/
   
== Credit ==

Discovered and advised to Lizardtech November 2006, by Brett Moore of
Security-Assessment.com

== About Security-Assessment.com ==

Security-Assessment.com is Australasia's leading team of Information 
Security consultants specialising in providing high quality Information 
Security services to clients throughout the Asia Pacific region. Our 
clients include some of the largest globally recognised companies in 
areas such as finance, telecommunications, broadcasting, legal and 
government. Our aim is to provide the very best independent advice and 
a high level of technical expertise while creating long and lasting 
professional relationships with our clients.

Security-Assessment.com is committed to security research and 
development, and its team continues to identify and responsibly publish 
vulnerabilities in public and private software vendor's products. 
Members of the Security-Assessment.com R&D team are globally recognised 
through their release of whitepapers and presentations related to new 
security research..
|受影响的产品
LizardTech DjVu Browser Plug-in 6.0.1 LizardTech DjVu Browser Plug-in 6.1 LizardTech DjVu Browser Plug-in 6.0
|参考资料

来源:US-CERT
名称:VU#522393
链接:http://www.kb.cert.org/vuls/id/522393
来源:BID
名称:22569
链接:http://www.securityfocus.com/bid/22569
来源:BUGTRAQ
名称:20070215LizardtechDjVuBrowserPlug-in-MultipleVulnerabilities
链接:http://www.securityfocus.com/archive/1/archive/1/460197/100/0/threaded
来源:SECUNIA
名称:24149
链接:http://secunia.com/advisories/24149
来源:MISC
链接:http://www.lizardtech.com/products/doc/djvupluginrelease.php
来源:OSVDB
名称:33199
链接:http://osvdb.org/33199
来源:XF
名称:djvu-browser-multiple-bo(32510)
链接:http://xforce.iss.net/xforce/xfdb/32510
来源:VUPEN
名称:ADV-2007-0618
链接:http://www.frsirt.com/english/advisories/2007/0618
来源:SREASON
名称:2259
链接:http://securityreason.com/securityalert/2259