- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 19181
- Проверка EDB
-
- Пройдено
- Автор
- FRANCIS PROVENCHER
- Тип уязвимости
- DOS
- Платформа
- WINDOWS
- CVE
- null
- Дата публикации
- 2012-06-16
Код:
#####################################################################################
Application: XnView RAS Image Processing Heap Overflow
Platforms: Windows
Secunia: SA49091
{PRL}: 2012-14
Author: Francis Provencher (Protek Research Lab's)
Website: http://www.protekresearchlab.com/
Twitter: @ProtekResearch
#####################################################################################
1) Introduction
2) Report Timeline
3) Technical details
4) The Code
#####################################################################################
===============
1) Introduction
===============
XnView is a cross-platform image viewer used for viewing, converting, organising and editing graphical & video files.
It is free of charge for private, educational and non-profit organisations. For commercial use and distribution,
the user must register the program. It is popular with users as it provides features normally found only
in commercial image viewers.
(http://en.wikipedia.org/wiki/XnView)
#####################################################################################
============================
2) Report Timeline
============================
2012-05-15 Vulnerability reported to Secunia
2012-06-15 Vendor disclose patch
#####################################################################################
============================
3) Technical details
============================
An integer truncation error when processing Sun Raster images can be exploited
to cause a heap-based buffer overflow via a specially crafted "Depth" value in a RAS file.
#####################################################################################
===========
4) The Code
===========
http://www.protekresearchlab.com/exploits/PRL-2012-14.ras
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19181.ras- Источник
- www.exploit-db.com
