infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

versions affected corrected

unstable
jvazquez-r7 2012-06-29 20:23:17 +02:00
parent 533111c6da
commit 19d476122b
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
modules/exploits/windows/fileformat/irfanview_jpeg2000_bof.rb
View File

@ -19,10 +19,10 @@ class Metasploit3 < Msf::Exploit::Remote
def initialize(info = {}) def initialize(info = {})
super(update_info(info, super(update_info(info,
'Name' => 'Irfanview JPEG2000 <= v4.2.6.0 jp2 Stack Buffer Overflow', 'Name' => 'Irfanview JPEG2000 <= v4.3.2.0 jp2 Stack Buffer Overflow',
'Description' => %q{ 'Description' => %q{
This module exploits a stack-based buffer overflow vulnerability in This module exploits a stack-based buffer overflow vulnerability in
version <= 4.2.6.0 of Irfanview's JPEG2000.dll plugin. The vulnerability is version <= 4.3.2.0 of Irfanview's JPEG2000.dll plugin. The vulnerability is
triggered via parsing an invalid qcd chunk structure and specfiying a triggered via parsing an invalid qcd chunk structure and specfiying a
malformed qcd size and data. malformed qcd size and data.
@ -59,8 +59,8 @@ class Metasploit3 < Msf::Exploit::Remote
'Targets' => 'Targets' =>
[ [
# push esp; retn [i_view32.exe] # push esp; retn [i_view32.exe]
[ 'Irfanview 4.33 / Plugins 4.3 / Windows Universal', { 'Ret' => 0x0049a6b4 } ], [ 'Irfanview 4.33 / Plugins 4.32 / Windows Universal', { 'Ret' => 0x0049a6b4 } ],
[ 'Irfanview 4.32 / Plugins 4.3 / Windows Universal', { 'Ret' => 0x004819d8 } ] [ 'Irfanview 4.32 / Plugins 4.32 / Windows Universal', { 'Ret' => 0x004819d8 } ]
], ],
'DisclosureDate' => 'Jun 24 2011', 'DisclosureDate' => 'Jun 24 2011',
'DefaultTarget' => 0)) 'DefaultTarget' => 0))