TECHNICAL BULLETIN
TECHNICAL BULLETIN
| PROBLEM: | InfranView is prone to a remote integer-overflow vulnerability. |
| PLATFORM: | Versions prior to IrfanView 4.25 are vulnerable. |
| ABSTRACT: | Integer overflow in IrfanView 4.23, when the resampling or screen fitting option is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF 1 BPP image, which triggers a heap-based buffer overflow. |
| LINKS: | |
| DOE-CIRC BULLETIN: | http://www.doecirc.energy.gov/bulletins/t-168.shtml |
| OTHER LINKS: | Security Focus http://www.securityfocus.com/bid/35423/info Secunia http://secunia.com/advisories/35359 |
| CVE: | CVE-2009-2118 |
| IMPACT ASSESSMENT | This risk is medium. There have been no known exploits. Successful exploits allow remote attackers to execute arbitrary machine code in the context of the vulnerable application. Failed exploit attempts likely cause denial-of-service conditions. |
[***** Start CVE-2009-2118 *****] CVE: CVE-2009-2118 Remote: Yes Local: No Published: Jun 16 2009 12:00AM Updated: Jun 22 2009 04:59PM Credit: Tielei Wang Class: Boundary Condition Error Discussion: IrfanView is prone to a remote integer-overflow vulnerability because the software fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. Successful exploits allow remote attackers to execute arbitrary machine code in the context of the vulnerable application. Failed exploit attempts likely cause denial-of-service conditions. Versions prior to IrfanView 4.25 are vulnerable. Vulnerable: IrfanView IrfanView 4.23 Solution: Upgrade to version 4.25. Location of updated software: http://www.irfanview.com/main_history.htm [***** End CVE-2009-2118 *****]
Voice: 866-941-2472
E-mail: doecirc@doecirc.energy.gov
World Wide Web: http://www.doecirc.energy.gov