Ravens PHP Scripts

IrfanView Palette File Importing Buffer Overflow Vulnerability
Date: Tuesday, October 16, 2007 @ 19:30:06 CEST
Topic: Security


SECUNIA ADVISORY ID: SA26619

VERIFY ADVISORY: http://secunia.com/advisories/26619/

CRITICAL: Moderately critical

IMPACT: System access

WHERE: >From remote

SOFTWARE:
IrfanView 4.x: http://secunia.com/product/14192/
IrfanView 3.x: http://secunia.com/product/2532/

DESCRIPTION: Secunia Research has discovered a vulnerability in IrfanView, which can be exploited by malicious people to compromise a user's system.



The vulnerability is caused due to a boundary error when importing palette (*.pal) files. This can be exploited to cause a stack-based buffer overflow by tricking a user into importing a specially crafted palette (*.pal) file.

Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 4.00. Other versions may also be affected.

SOLUTION: Update to version 4.10.: http://www.irfanview.com/main_download_engl.htm

PROVIDED AND/OR DISCOVERED BY: Stefan Cornelius, Secunia Research.

ORIGINAL ADVISORY:
Secunia: http://secunia.com/secunia_research/2007-71/
IrfanView: http://www.irfanview.com/main_history.htm






This article comes from Ravens PHP Scripts
http://www.ravenphpscripts.com

The URL for this story is:
http://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=3105