XnView GIF Image Processing Heap Overflow

vendor:

XnView

by:

Francis Provencher

7,5

CVSS

HIGH

Heap Overflow

119

CWE

Product Name: XnView

Affected Version From: 1.98.8

Affected Version To: 1.98.8

Patch Exists: YES

Related CWE: N/A

CPE: a:xnview:xnview

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows

2012

XnView GIF Image Processing Heap Overflow

An indexing error when processing the ImageDescriptor structure of GIF images can be exploited to corrupt memory via a specially crafted 'ImageLeftPosition' value. The vulnerabilities are confirmed in version 1.98.8. Other versions may also be affected.

Mitigation:

Upgrade to the latest version of XnView

Source

Exploit-DB raw data:

#####################################################################################

Application:   XnView GIF Image Processing Heap Overflow
Platforms:   Windows 

Secunia:   SA48666  

{PRL}:   2012-18

Author:   Francis Provencher (Protek Research Lab's) 

Website:   http://www.protekresearchlab.com/

Twitter:   @ProtekResearch


#####################################################################################

1) Introduction
2) Report Timeline
3) Technical details
4) The Code


#####################################################################################

===============
1) Introduction
===============
XnView is a cross-platform image viewer used for viewing, converting, organising and editing graphical & video files.
It is free of charge for private, educational and non-profit organisations. For commercial use and distribution,
the user must register the program. It is popular with users as it provides features normally found only
in commercial image viewers.

(http://en.wikipedia.org/wiki/XnView)

#####################################################################################

============================
2) Report Timeline
============================ 

2012-05-15  Vulnerability reported to Secunia
2012-06-21  Vendor disclose patch


#####################################################################################

============================
3) Technical details
============================
An indexing error when processing the ImageDescriptor structure of GIF images
can be exploited to corrupt memory via a specially crafted "ImageLeftPosition" value.
 
The vulnerabilities are confirmed in version 1.98.8. Other versions may also be affected

#####################################################################################

===========
4) The Code
===========

http://protekresearchlab.com/exploits/PRL-2012-18.gif
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/37347.gif