IrfanView 4.27 JPEG 2000 Multiple Vulnerabilities
fuzzing, security, blackbox, tests, i_view32.exe, DoS, JPEG2000, JP2
IrfanView 4.27 JPEG 2000 Multiple Vulnerabilities
FMA-2010-004
IrfanView
4.27
http://www.irfanview.com
i_view32.exe
4.27
58150C1AC5B86C1A6B5E15FE1C3A870D
JPEG2000.dll
4.2.6.0
50B3DCD4F32C9939722A905A06AD371A
Windows XP SP3 Home Edition
Windows XP SP3 Professional Edition
2010.08.08
2012.02.16
2012.03.25
Denial of Service triggered in JPEG2000.dll module, loaded at address 0x10000000. Denial of Service is caused by integer division by zero at address 0x10010056. FuzzMyApp have indentified 15 vulnerable samples during fuzzing JPEG 2000 samples, which triggers given vulnerability.
DoS
Integer division by zero in JPEG2000.dll module at address 0x10010056.
Integer division by zero in JPEG2000.dll module at address 0x10010056.
10010031 8B5424 20 MOV EDX,DWORD PTR SS:[ESP+20]
10010035 897424 28 MOV DWORD PTR SS:[ESP+28],ESI
10010039 8D8A 30040000 LEA ECX,DWORD PTR DS:[EDX+430]
1001003F 8B43 2C MOV EAX,DWORD PTR DS:[EBX+2C]
10010042 33D2 XOR EDX,EDX
10010044 8A1430 MOV DL,BYTE PTR DS:[EAX+ESI]
10010047 8B4424 24 MOV EAX,DWORD PTR SS:[ESP+24]
1001004B 8BFA MOV EDI,EDX
1001004D 8B50 20 MOV EDX,DWORD PTR DS:[EAX+20]
10010050 8D4417 FF LEA EAX,DWORD PTR DS:[EDI+EDX-1]
10010054 33D2 XOR EDX,EDX
10010056 F7F7 DIV EDI ; integer division by zero
10010058 33D2 XOR EDX,EDX
1001005A 8941 F8 MOV DWORD PTR DS:[ECX-8],EAX
1001005D 8B43 30 MOV EAX,DWORD PTR DS:[EBX+30]
10010060 8A1430 MOV DL,BYTE PTR DS:[EAX+ESI]
10010063 8B4424 24 MOV EAX,DWORD PTR SS:[ESP+24]
10010067 8BFA MOV EDI,EDX
image01s.png
100
51
image01.png
Integer division by zero
Integer division by zero
Denial of Service triggered in JPEG2000.dll module, loaded at address 0x10000000. Denial of Service is caused by integer division by zero at address 0x10010072. FuzzMyApp have indentified 9 vulnerable samples during fuzzing JPEG 2000 samples, which triggers given vulnerability.
DoS
Integer division by zero in JPEG2000.dll module at address 0x10010072.
Integer division by zero in JPEG2000.dll module at address 0x10010072.
1001005A 8941 F8 MOV DWORD PTR DS:[ECX-8],EAX
1001005D 8B43 30 MOV EAX,DWORD PTR DS:[EBX+30]
10010060 8A1430 MOV DL,BYTE PTR DS:[EAX+ESI]
10010063 8B4424 24 MOV EAX,DWORD PTR SS:[ESP+24]
10010067 8BFA MOV EDI,EDX
10010069 8B50 24 MOV EDX,DWORD PTR DS:[EAX+24]
1001006C 8D4417 FF LEA EAX,DWORD PTR DS:[EDI+EDX-1]
10010070 33D2 XOR EDX,EDX
10010072 F7F7 DIV EDI ; integer division by zero
10010074 33D2 XOR EDX,EDX
10010076 8941 FC MOV DWORD PTR DS:[ECX-4],EAX
10010079 8B43 2C MOV EAX,DWORD PTR DS:[EBX+2C]
1001007C 8A1430 MOV DL,BYTE PTR DS:[EAX+ESI]
1001007F 8B4424 24 MOV EAX,DWORD PTR SS:[ESP+24]
10010083 8BFA MOV EDI,EDX
10010085 8B50 28 MOV EDX,DWORD PTR DS:[EAX+28]
image02s.png
100
51
image02.png
Integer division by zero
Integer division by zero