JPEGView 1.0.29 – Crash (PoC)

Exploit Database
15 阅读

作者： Debasish Mandal

日期： 2013-11-19
类别：
- dos
平台：
- windows
来源：https://www.exploit-db.com/exploits/29707/

Title: JPEGView - Image Viewer and Editor RCE POC
Date: 18 November'13
Author: Debasish Mandal ( https://twitter.com/debasishm89 )
Version: JPEGView v1.0.29
Download Link : http://sourceforge.net/projects/jpegview/
Vendor Patch : Patched in version v1.0.30
Issue Ticket : http://sourceforge.net/p/jpegview/bugs/31/
Release Note : http://sourceforge.net/projects/jpegview/files/jpegview/1.0.30/
Tested on: Windows XP SP2

A read access violation near function pointer call can be triggered by feeding a specially crafted 
image(width or height smaller than 65535 ) which could lead to code exec.

The file that causes the AV is attached:

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/29707.gif

last Exploits
JPEGView 1.0.29 – Crash (PoC)的更多信息

Microsoft Windows 10 – SMBv3 Tree Connect (PoC)：
Odin Secure FTP Expert 7.6.3 – ‘Site Info’ Denial of Service (PoC)：
RealPlayer 15.0.6.14(.3g2) – ‘WriteAV’ Crash (PoC)：
Jzip – Buffer Overflow (PoC) (SEH Unicode)：
Photoshop CC2014 / Bridge CC 2014 – ‘.gif’ Parsing Memory Corruption：
Memcached 1.4.33 – ‘sasl’ (PoC)：
Graphite2 – NameTable::getName Multiple Heap Out-of-Bounds Reads：
Oracle Java Runtime Environment – Heap Corruption During TTF font Rendering in GlyphIterator::setCurrGlyphID：