1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: IrfanView CVE-2012-0897 3

Web Attack: IrfanView CVE-2012-0897 3

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a stack based buffer overflow vulnerability in IrfanView.

Additional Information

IrfanView is an image viewer that supports multiple file formats.

IrfanView JPEG-2000 Plugin is prone to a remote stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. Specifically, a stack-based overflow can occur when handling the Quantization Default (QCD) marker segment in a specially crafted JPEG2000 (JP2) image file.

Successful exploits allow remote attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts likely result in denial-of-service conditions.

IrfanView JPEG-2000 Plugin 4.32 is vulnerable; other versions may also be affected.

Affected

  • IrfanView JPEG-2000 Plugin 4.32 is vulnerable; other versions may also be affected.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube