IrfanView Multiple Unspecified Image Handling Heap-Based Memory Corruption Vulnerabilities
BID:13099
Info
IrfanView Multiple Unspecified Image Handling Heap-Based Memory Corruption Vulnerabilities
| Bugtraq ID: | 13099 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 11 2005 12:00AM |
| Updated: | Apr 11 2005 12:00AM |
| Credit: | These issues were reported by Bruno Rohee. |
| Vulnerable: |
Irfan Skiljan IrfanView32 3.0.7 Irfan Skiljan IrfanView32 3.95 |
| Not Vulnerable: | |
Discussion
IrfanView Multiple Unspecified Image Handling Heap-Based Memory Corruption Vulnerabilities
IrfanView is reported prone to multiple unspecified heap memory corruption vulnerabilities. It is reported that these issues are caused by a lack of sufficient sanity checks performed while allocating heap-based memory when the chunk size is derived from the image height, width and plane values.
It is reported that a malicious image may be used to trigger these issues.
A remote attacker may potentially exploit these vulnerabilities to crash affected software, or to potentially execute arbitrary code in the context of the user that is running the affected software, although this is not confirmed.
This BID will be updated and split into unique BIDs as soon as further information is available.
IrfanView is reported prone to multiple unspecified heap memory corruption vulnerabilities. It is reported that these issues are caused by a lack of sufficient sanity checks performed while allocating heap-based memory when the chunk size is derived from the image height, width and plane values.
It is reported that a malicious image may be used to trigger these issues.
A remote attacker may potentially exploit these vulnerabilities to crash affected software, or to potentially execute arbitrary code in the context of the user that is running the affected software, although this is not confirmed.
This BID will be updated and split into unique BIDs as soon as further information is available.
Exploit / POC
IrfanView Multiple Unspecified Image Handling Heap-Based Memory Corruption Vulnerabilities
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
IrfanView Multiple Unspecified Image Handling Heap-Based Memory Corruption Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
IrfanView Multiple Unspecified Image Handling Heap-Based Memory Corruption Vulnerabilities
References:
References:
- IrfanView homepage (Irfan Skiljan)
- XV multiple buffer overflows (update) (Greg Roelofs