CVE-2008-2427

GFL SDK 2.82 - Stack-based Buffer Overflow via Sun TAAC File Format Keyword

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-2427. PoCs published by Shinnok.

AI-analyzed exploit summary This exploit leverages a stack-based buffer overflow in XnView 1.93.6 by crafting a malicious Sun TAAC file with an oversized 'format' keyword. It includes shellcode to add a user 'test' with password 'test' on Windows XP SP2/SP3.

Description

Stack-based buffer overflow in NConvert 4.92, GFL SDK 2.82, and XnView 1.93.6 on Windows and 1.70 on Linux and FreeBSD allows user-assisted remote attackers to execute arbitrary code via a crafted format keyword in a Sun TAAC file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Shinnok · clocalwindows

https://www.exploit-db.com/exploits/5951

View Code ZIP pw:eip

This exploit leverages a stack-based buffer overflow in XnView 1.93.6 by crafting a malicious Sun TAAC file with an oversized 'format' keyword. It includes shellcode to add a user 'test' with password 'test' on Windows XP SP2/SP3.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: XnView 1.93.6 for Windows

No auth needed

Prerequisites: Victim must open the malicious .taac file in XnView

MITRE ATT&CK