CVE-2013-3482

ERDAS ER Viewer < 13.0.1.1301 - Stack-Based Buffer Overflow via Long String in ERS File


Exploitation Summary

EIP tracks 2 public exploits for CVE-2013-3482. PoCs published by Metasploit, James Fitts, juan vazquez, including Metasploit module exploits/windows/fileformat/erdas_er_viewer_rf_report_error.

AI-analyzed exploit summary: This Metasploit module exploits a buffer overflow in ERS Viewer 2013 (CVE-2013-3482) via a crafted .ers file, achieving arbitrary code execution. It includes ROP chains and egghunter techniques to bypass DEP and ASLR on Windows XP and Windows 7.

Description

Stack-based buffer overflow in the rf_report_error function in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.1.1301 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long string in an ERS file.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · local · windows
https://www.exploit-db.com/exploits/26708

This Metasploit module exploits a buffer overflow in ERS Viewer 2013 (CVE-2013-3482) via a crafted .ers file, achieving arbitrary code execution. It includes ROP chains and egghunter techniques to bypass DEP and ASLR on Windows XP and Windows 7.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Complex
Reliability: Reliable
Target: ERS Viewer 2013 (13.0.0.1151)
No auth needed
Prerequisites: Victim must open a malicious .ers file
devstral-2 · analyzed Feb 16, 2026

metasploit WORKING POC NORMAL
by James Fitts, juan vazquez · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/erdas_er_viewer_rf_report_error.rb

This Metasploit module exploits a buffer overflow vulnerability in ERS Viewer 2013 (CVE-2013-3482) by crafting a malicious .ers file. It includes techniques for bypassing DEP and ASLR on Windows systems, using ROP chains and an egghunter to achieve arbitrary code execution.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Complex
Reliability: Reliable
Target: ERS Viewer 2013 (version 13.0.0.1151)
No auth needed
Prerequisites: Victim must open a malicious .ers file
devstral-2 · analyzed Feb 16, 2026

References (5)

Core References
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/26708
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/53620
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/show/osvdb/93650
Various Sources mailing-list x_refsource_vim
http://attrition.org/pipermail/vim/2013-May/002682.html
Vendor Advisory x_refsource_misc
http://www.secunia.com/blog/366

Scores

EPSS 0.3151
EPSS Percentile 98.1%

Details

CWE: CWE-119
Status: published
Products (3)
hexagon/erdas_er_viewer 11.04
hexagon/erdas_er_viewer 13.00.0001
hexagon/erdas_er_viewer < 13.0.1.1298
Published Jan 19, 2014
Tracked Since Feb 18, 2026