CVE-2008-0069

XnView < 1.92 - Stack-based Buffer Overflow via Long FontName Parameter in Slideshow File

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-0069. PoCs published by haluznik.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in XnView 1.92.1 via a malformed slideshow file. It crafts a .sld file with an oversized 'FontName' field and embedded shellcode to execute 'calc.exe' on Windows XP SP1.

Description

Stack-based buffer overflow in XnView 1.92 and 1.92.1 allows user-assisted remote attackers to execute arbitrary code via a long FontName parameter in a slideshow (.sld) file, a different vector than CVE-2008-1461.

Exploits (1)

exploitdb WORKING POC VERIFIED

by haluznik · perllocalwindows

https://www.exploit-db.com/exploits/5346

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in XnView 1.92.1 via a malformed slideshow file. It crafts a .sld file with an oversized 'FontName' field and embedded shellcode to execute 'calc.exe' on Windows XP SP1.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: XnView 1.92.1

No auth needed

Prerequisites: Victim must open the malicious .sld file in XnView 1.92.1

MITRE ATT&CK