CVE-2012-4988

XnView 1.99 and 1.99.1 - Remote Code Execution via Crafted JLS Image File

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-4988. PoCs published by Joseph Sheridan.

AI-analyzed exploit summary The advisory describes a heap-based buffer overflow in XnView's JLS Plugin (xjpegls.dll) due to improper input sanitization, allowing remote code execution via a crafted JLS file. No exploit code is provided, only references to PoC files.

Description

Heap-based buffer overflow in the xjpegls.dll (aka JLS, JPEG-LS, or JPEG lossless) format plugin in XnView 1.99 and 1.99.1 allows remote attackers to execute arbitrary code via a crafted JLS image file.

Exploits (1)

exploitdb WRITEUP

by Joseph Sheridan · textdoswindows

https://www.exploit-db.com/exploits/21741

View Code ZIP pw:eip

The advisory describes a heap-based buffer overflow in XnView's JLS Plugin (xjpegls.dll) due to improper input sanitization, allowing remote code execution via a crafted JLS file. No exploit code is provided, only references to PoC files.

Classification

Writeup 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: XnView 1.99 and 1.99.1 with JLS Plugin (xjpegls.dll 1.96.0.0)

No auth needed

Prerequisites: User interaction to open a malicious JLS file

MITRE ATT&CK