what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 3 of 3 RSS Feed

CVE-2012-0897

Status Candidate

Overview

Stack-based buffer overflow in the JPEG2000 plugin in IrfanView PlugIns before 4.33 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment.

Related Files

VMware Workstation 11.1 Vprintproxy.exe Stack Overflow
Posted Jan 13, 2016
Authored by Google Security Research, kostyak

Printer virtualization under VMware Workstation involves a vprintproxy.exe process launched by vmware-vmx.exe on the Host. It will receive and process EMFSPOOL files sent by a Guest on its COM1 port, if a virtual printer has been added to the VM hardware (default). Several vulnerabilities in this component allow an unprivileged Guest user to execute code on the Host.

tags | exploit, vulnerability
systems | linux
advisories | CVE-2012-0897
SHA-256 | fec748c19dbac68964e8e4b5197912845973a2971377e9833bd31bde9ed4c3a1
VMware Security Advisory 2015-0004
Posted Jun 9, 2015
Authored by VMware | Site vmware.com

VMware Security Advisory 2015-0004 - VMware Workstation, Fusion and Horizon View Client updates address critical security issues.

tags | advisory
advisories | CVE-2012-0897, CVE-2015-2336, CVE-2015-2337, CVE-2015-2338, CVE-2015-2339, CVE-2015-2340, CVE-2015-2341
SHA-256 | 3bbc42ddc83cb7369651a0d279f93ac38004090680d2c4d23db0f3d8c7f2a690
Irfanview JPEG2000 4.3.2.0 jp2 Stack Buffer Overflow
Posted Jul 2, 2012
Authored by Parvez Anwar, mr_me, juan vazquez | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in versions 4.3.2.0 and below of Irfanview's JPEG2000.dll plugin. This exploit has been tested on a specific version of irfanview (v4.3.2), although other versions may work also. The vulnerability is triggered via parsing an invalid qcd chunk structure and specifying a malformed qcd size and data. Payload delivery and vulnerability trigger can be executed in multiple ways. The user can double click the file, use the file dialog, open via the icon and drag/drop the file into Irfanview\'s window. An egg hunter is used for stability.

tags | exploit, overflow
advisories | CVE-2012-0897, OSVDB-78333
SHA-256 | c5cce711dbd4abe77f358a5360b9fd21367c38e3811ab24c191fb5a02cb79609
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close