Search...

ACDSee PRO 5.1 GIF Image Processing Heap Overflow

2012-06-22T00:00:00

ID EDB-ID:19333
Type exploitdb
Reporter Francis Provencher
Modified 2012-06-22T00:00:00

Description

ACDSee PRO 5.1 GIF Image Processing Heap Overflow. Dos exploit for windows platform

                                        
                                            #####################################################################################

Application:   ACDSee PRO GIF Image Processing Heap Overflow
Platforms:   Windows 

Secunia:   SA48804  

{PRL}:   2012-20

Author:   Francis Provencher (Protek Research Lab's) 

Website:   http://www.protekresearchlab.com/

Twitter:   @ProtekResearch


#####################################################################################

1) Introduction
2) Report Timeline
3) Technical details
4) The Code


#####################################################################################

===============
1) Introduction
===============
ACDSee is a shareware image organizer, viewer, and editor software for Microsoft
Windows and Mac OS X 10.5 and higher developed by ACD Systems. It was originally
distributed as a 16-bit application for Windows 3.0 and later supplanted by a 32-bit
version for Windows 95.

(http://en.wikipedia.org/wiki/ACDSee)

#####################################################################################

============================
2) Report Timeline
============================ 

2012-03-13  Vulnerability reported to Secunia
2012-06-21  Vendor disclose patch


#####################################################################################

============================
3) Technical details
============================
An error in IDE_ACDStd.apl when allocating memory based on values in the Logical
Screen Descriptor structure of a GIF image and later copying data into the buffe
r without ensuring that it's adequately sized can be exploited to corrupt heap memory.
 

The vulnerabilities are confirmed in version 5.1 (Build 137). Other versions may also be affected.

#####################################################################################

===========
4) The Code
===========

http://protekresearchlab.com/exploits/PRL-2012-20.gif
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19333.gif

JSON Vulners Source

Initial Source

{"id": "EDB-ID:19333", "type": "exploitdb", "bulletinFamily": "exploit", "title": "ACDSee PRO 5.1 GIF Image Processing Heap Overflow", "description": "ACDSee PRO 5.1 GIF Image Processing Heap Overflow. Dos exploit for windows platform", "published": "2012-06-22T00:00:00", "modified": "2012-06-22T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.exploit-db.com/exploits/19333/", "reporter": "Francis Provencher", "references": [], "cvelist": [], "lastseen": "2016-02-02T11:36:03", "viewCount": 2, "enchantments": {"score": {"value": 0.7, "vector": "NONE", "modified": "2016-02-02T11:36:03", "rev": 2}, "dependencies": {"references": [], "modified": "2016-02-02T11:36:03", "rev": 2}, "vulnersScore": 0.7}, "sourceHref": "https://www.exploit-db.com/download/19333/", "sourceData": "#####################################################################################\r\n\r\nApplication: ACDSee PRO GIF Image Processing Heap Overflow\r\nPlatforms: Windows \r\n\r\nSecunia: SA48804 \r\n\r\n{PRL}: 2012-20\r\n\r\nAuthor: Francis Provencher (Protek Research Lab's) \r\n\r\nWebsite: http://www.protekresearchlab.com/\r\n\r\nTwitter: @ProtekResearch\r\n\r\n\r\n#####################################################################################\r\n\r\n1) Introduction\r\n2) Report Timeline\r\n3) Technical details\r\n4) The Code\r\n\r\n\r\n#####################################################################################\r\n\r\n===============\r\n1) Introduction\r\n===============\r\nACDSee is a shareware image organizer, viewer, and editor software for Microsoft\r\nWindows and Mac OS X 10.5 and higher developed by ACD Systems. It was originally\r\ndistributed as a 16-bit application for Windows 3.0 and later supplanted by a 32-bit\r\nversion for Windows 95.\r\n\r\n(http://en.wikipedia.org/wiki/ACDSee)\r\n\r\n#####################################################################################\r\n\r\n============================\r\n2) Report Timeline\r\n============================ \r\n\r\n2012-03-13 Vulnerability reported to Secunia\r\n2012-06-21 Vendor disclose patch\r\n\r\n\r\n#####################################################################################\r\n\r\n============================\r\n3) Technical details\r\n============================\r\nAn error in IDE_ACDStd.apl when allocating memory based on values in the Logical\r\nScreen Descriptor structure of a GIF image and later copying data into the buffe\r\nr without ensuring that it's adequately sized can be exploited to corrupt heap memory.\r\n \r\n\r\nThe vulnerabilities are confirmed in version 5.1 (Build 137). Other versions may also be affected.\r\n\r\n#####################################################################################\r\n\r\n===========\r\n4) The Code\r\n===========\r\n\r\nhttp://protekresearchlab.com/exploits/PRL-2012-20.gif\r\nhttps://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19333.gif\r\n", "osvdbidlist": ["83093"], "immutableFields": []}