Alternate Pic View 2.150 - '.pgm' Crash (PoC)

EDB-ID:

39444

CVE:

N/A




Platform:

Windows

Date:

2016-02-15


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux , the course required to become an Offensive Security Certified Professional (OSCP)

GET CERTIFIED

# Exploit Title: Alternate Pic View 2.150 PGM CRASH POC
# Date: 14-02-2016
# Exploit Author: Shantanu Khandelwal
# Vendor Homepage: http://www.alternate-tools.com
<https://potplayer.daum.net/>
# Software Link: http://www.alternate-tools.com/pages/c_picview.php?lang=ENG
# Version: 2.150
# Tested on: Windows XP Sp3,Windows 7
# CVE : unknown at the moment

#============================================================================================
Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=01e57f20 ebx=003b0178 ecx=0065014c edx=e16a9530 esi=01e57f18
edi=003b0000
eip=7c9108b2 esp=0012f448 ebp=0012f504 iopl=0 nv up ei pl nz ac po cy
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010213
#===========================================================================================

Alternate Pic Viewer crashes on a faulty PGM image file .

Faulty PGM file is attached as POC

Proof of Concept:
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/