WinSoftMagic Photo Editor PNG File Buffer Overflow Vulnerability
BID:39354
Info
WinSoftMagic Photo Editor PNG File Buffer Overflow Vulnerability
| Bugtraq ID: | 39354 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 09 2010 12:00AM |
| Updated: | Apr 09 2010 12:00AM |
| Credit: | eidelweiss |
| Vulnerable: |
WinSoftMagic Photo Editor 0 |
| Not Vulnerable: | |
Discussion
WinSoftMagic Photo Editor PNG File Buffer Overflow Vulnerability
WinSoftMagic Photo Editor is prone to a remote buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.
Successful exploits may allow an attacker to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
WinSoftMagic Photo Editor is prone to a remote buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.
Successful exploits may allow an attacker to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
Exploit / POC
WinSoftMagic Photo Editor PNG File Buffer Overflow Vulnerability
To exploit this issue, an attacker must entice an unsuspecting user to open a specially crafted PNG file.
The following exploit is available:
To exploit this issue, an attacker must entice an unsuspecting user to open a specially crafted PNG file.
The following exploit is available:
Solution / Fix
WinSoftMagic Photo Editor PNG File Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
WinSoftMagic Photo Editor PNG File Buffer Overflow Vulnerability
References:
References:
- WinSoftMagic Photo Editor - Homepage (WinsoftMagic)