PRL-2012-18

#####################################################################################

Application:   XnView GIF Image Processing Heap Overflow

Platforms:   Windows

Secunia:   SA48666

{PRL}:   2012-18

Author:   Francis Provencher (Protek Research Lab’s)

Website:   http://www.protekresearchlab.com/

Twitter:   @ProtekResearch

#####################################################################################

1) Introduction
2) Report Timeline
3) Technical details
4) The Code

#####################################################################################

===============
1) Introduction
===============

XnView is a cross-platform image viewer used for viewing, converting, organising and editing graphical & video files.

It is free of charge for private, educational and non-profit organisations. For commercial use and distribution,

the user must register the program. It is popular with users as it provides features normally found only

in commercial image viewers.
(http://en.wikipedia.org/wiki/XnView)

#####################################################################################

============================
2) Report Timeline
============================

2012-05-15  Vulnerability reported to Secunia
2012-06-21  Vendor disclose patch

#####################################################################################

============================
3) Technical details
============================

An indexing error when processing the ImageDescriptor structure of GIF images

can be exploited to corrupt memory via a specially crafted “ImageLeftPosition” value.

 

The vulnerabilities are confirmed in version 1.98.8. Other versions may also be affected
#####################################################################################

===========
4) The Code
===========

Here

###############################################################################