16 lines
No EOL
583 B
Text
16 lines
No EOL
583 B
Text
>From the simple.xcf file, 0x004ABABC will overwrite eip.
|
|
|
|
Tested on Windows XP SP3 and Windows 7 x64.
|
|
|
|
Fixed in the current release IrfanView 4.35: [1]
|
|
|
|
Shellcode from [2]
|
|
|
|
Old version installer at [3] [4].
|
|
|
|
[1] http://www.irfanview.com/main_history.htm
|
|
[2] http://code.google.com/p/win-exec-calc-shellcode/
|
|
[3] http://gd.tuwien.ac.at/graphics/irfanview/plugins/irfanview_plugins_433_setup.exe
|
|
[4] http://gd.tuwien.ac.at/graphics/irfanview/iview433_setup.exe
|
|
|
|
PoC: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/23288.tar.gz |