JPEGView 1.0.29 - Crash PoC
Blake | 19.11.2013 | Verified Wait | Vulnerable-App |
Denial of Service Exploits | Windows |
Exploit Code
Title: JPEGView - Image Viewer and Editor RCE POC Date: 18 November'13 Author: Debasish Mandal ( https://twitter.com/debasishm89 ) Version: JPEGView v1.0.29 Download Link : http://sourceforge.net/projects/jpegview/ Vendor Patch : Patched in version v1.0.30 Issue Ticket : http://sourceforge.net/p/jpegview/bugs/31/ Release Note : http://sourceforge.net/projects/jpegview/files/jpegview/1.0.30/ Tested on: Windows XP SP2 A read access violation near function pointer call can be triggered by feeding a specially crafted image(width or height smaller than 65535 ) which could lead to code exec. The file that causes the AV is attached: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/29707.gif