vendor:
i.Mage
by:
metacom
5.5
CVSS
MEDIUM
Local Crash
400
CWE
Product Name: i.Mage
Affected Version From: i.Mage v1.11 (Win32 Release)
Affected Version To: i.Mage v1.11 (Win32 Release)
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested: Windows 7 32-bit Ultimate
2014
i.Mage Local Crash Poc
This exploit creates a vulnerable image.xml file that can cause a crash in i.Mage software. The vulnerability is caused by an access violation when reading a specific memory address. The exploit author has provided a proof of concept code that fills the image.xml file with a large number of 'A' characters, causing the crash. It is recommended to copy the image.xml file to the installation directory of i.Mage software and start the application to trigger the crash.
Mitigation:
There is no known mitigation or remediation for this vulnerability. It is recommended to avoid using the affected software or update to a patched version if available.