Exploitation Summary
EIP tracks 2 public exploits for CVE-2007-2363. PoCs published by fl0 fl0w, Marsu.
AI-analyzed exploit summary This exploit targets a stack-based buffer overflow in IrfanView 3.99 via a malformed .IFF file. It uses a Metasploit-derived shellcode to execute arbitrary code (calc.exe) on Windows XP SP3.
Description
Buffer overflow in IrfanView 4.00 and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted .IFF file.
Exploits (2)
This exploit targets a stack-based buffer overflow in IrfanView 3.99 via a malformed .IFF file. It uses a Metasploit-derived shellcode to execute arbitrary code (calc.exe) on Windows XP SP3.
This exploit targets a buffer overflow vulnerability in IrfanView <= 4.00 when processing a crafted .IFF file. It includes shellcode for launching calc.exe or binding a shell to port 4444.