exploit-db-mirror/exploits/windows/dos/29707.txt
Offensive Security d304cc3d3e DB: 2017-11-24
116602 new exploits

Too many to list!
2017-11-24 20:56:23 +00:00

16 lines
No EOL
752 B
Text

Title: JPEGView - Image Viewer and Editor RCE POC
Date: 18 November'13
Author: Debasish Mandal ( https://twitter.com/debasishm89 )
Version: JPEGView v1.0.29
Download Link : http://sourceforge.net/projects/jpegview/
Vendor Patch : Patched in version v1.0.30
Issue Ticket : http://sourceforge.net/p/jpegview/bugs/31/
Release Note : http://sourceforge.net/projects/jpegview/files/jpegview/1.0.30/
Tested on: Windows XP SP2
A read access violation near function pointer call can be triggered by feeding a specially crafted
image(width or height smaller than 65535 ) which could lead to code exec.
The file that causes the AV is attached:
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/29707.gif