IrfanView FlashPix PlugIn CVE-2012-0278 Heap Based Buffer Overflow Vulnerability
BID:53009
CVE-2012-278 |Info
IrfanView FlashPix PlugIn CVE-2012-0278 Heap Based Buffer Overflow Vulnerability
| Bugtraq ID: | 53009 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2012-0278 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 13 2012 12:00AM |
| Updated: | Apr 16 2012 07:30AM |
| Credit: | Francis Provencher. |
| Vulnerable: |
IrfanView FlashPix Plugin 4.3.2 0 |
| Not Vulnerable: |
IrfanView FlashPix Plugin 4.3.4 0 |
Discussion
IrfanView FlashPix PlugIn CVE-2012-0278 Heap Based Buffer Overflow Vulnerability
The FlashPix PlugIn for IrfanView is prone to a remote heap-based buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
Successful exploits allow remote attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts likely result in denial-of-service conditions.
FlashPix PlugIn 4.3.2.0 is vulnerable; other versions may also be affected.
The FlashPix PlugIn for IrfanView is prone to a remote heap-based buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
Successful exploits allow remote attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts likely result in denial-of-service conditions.
FlashPix PlugIn 4.3.2.0 is vulnerable; other versions may also be affected.
Exploit / POC
IrfanView FlashPix PlugIn CVE-2012-0278 Heap Based Buffer Overflow Vulnerability
A proof-of-concept is available at the following location:
http://www.protekresearchlab.com/exploits/PRL-2012-08.fpx
A proof-of-concept is available at the following location:
http://www.protekresearchlab.com/exploits/PRL-2012-08.fpx
Solution / Fix
IrfanView FlashPix PlugIn CVE-2012-0278 Heap Based Buffer Overflow Vulnerability
Solution:
Reportedly the vendor has fixed the issue, however Symantec has not confirmed it. Please contact the vendor for more information.
Solution:
Reportedly the vendor has fixed the issue, however Symantec has not confirmed it. Please contact the vendor for more information.
References
IrfanView FlashPix PlugIn CVE-2012-0278 Heap Based Buffer Overflow Vulnerability
References:
References:
- IrfanView FlashPix PlugIn Decompression Heap Overflow (Francis Provencher)
- IrfanView Homepage (IrfanView)