IrfanView 4.33 – ‘IMXCF.dll’ Plugin Code Execution

• Exploit Database
• 16 阅读

• 作者： beford
  日期： 2012-12-11
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/23288/

• >From the simple.xcf file, 0x004ABABC will overwrite eip.
  
  Tested on Windows XP SP3 and Windows 7 x64.
  
  Fixed in the current release IrfanView 4.35: [1]
  
  Shellcode from [2]
  
  Old version installer at [3] [4].
  
  [1] http://www.irfanview.com/main_history.htm
  [2] http://code.google.com/p/win-exec-calc-shellcode/
  [3] http://gd.tuwien.ac.at/graphics/irfanview/plugins/irfanview_plugins_433_setup.exe
  [4] http://gd.tuwien.ac.at/graphics/irfanview/iview433_setup.exe
  
  PoC: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/23288.tar.gz