- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 23288
- Проверка EDB
-
- Пройдено
- Автор
- BEFORD
- Тип уязвимости
- DOS
- Платформа
- WINDOWS
- CVE
- N/A
- Дата публикации
- 2012-12-11
Код:
>From the simple.xcf file, 0x004ABABC will overwrite eip.
Tested on Windows XP SP3 and Windows 7 x64.
Fixed in the current release IrfanView 4.35: [1]
Shellcode from [2]
Old version installer at [3] [4].
[1] http://www.irfanview.com/main_history.htm
[2] http://code.google.com/p/win-exec-calc-shellcode/
[3] http://gd.tuwien.ac.at/graphics/irfanview/plugins/irfanview_plugins_433_setup.exe
[4] http://gd.tuwien.ac.at/graphics/irfanview/iview433_setup.exe
PoC: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/23288.tar.gz- Источник
- www.exploit-db.com
