IrfanView TIFF Image Processing Buffer Overflow Vulnerability

vendor:

IrfanView

by:

Francis Provencher

7.5

CVSS

HIGH

Buffer Overflow

119

CWE

Product Name: IrfanView

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: Yes

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows

2011

IrfanView TIFF Image Processing Buffer Overflow Vulnerability

The vulnerability is caused due to an error when processing TIFF images with certain 'Rows Per Strip' and 'Samples Per Pixel' values, which can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted TIFF image file.

Mitigation:

Update to the latest version of IrfanView.

Source

Exploit-DB raw data:

#####################################################################################

Application:   IrfanView TIFF Image Processing Buffer Overflow Vulnerability

Platforms:   Windows

Exploitation:   Remote code execution

Secunia Number:   SA47065  

{PRL}:   2011-10

Author:   Francis Provencher (Protek Research Lab's)

Website:   http://www.protekresearchlab.com/

Twitter:   @ProtekResearch

#####################################################################################

1) Introduction
2) Timeline
3) Technical details
4) PoC


#####################################################################################

===============
1) Introduction
===============

IrfanView is a freeware/shareware image viewer for Microsoft Windows that can view, edit, and convert image files

and play video/audio files. It is noted for its small size, speed, ease of use, and ability to handle a wide variety of graphic

file formats, and has some image creation and painting capabilities. The software was first released in 1996.

IrfanView is free for non-commercial use; commercial use requires paid registration.

#####################################################################################

============
2) Timeline
============


2011-12-02 - Vulnerability reported to vendor
2011-12-20 - Coordinated public release of advisory

#####################################################################################

=================
3) Technical details
=================
The vulnerability is caused due to an error when processing TIFF images with certain "Rows Per Strip" and "Samples Per Pixel"

values, which can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted TIFF

image file.


#####################################################################################

=============
4) The Code
=============

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/18257.tif
http://www.protekresearchlab.com/exploits/PRL-2011-10.tif