Signature Detail
Short Name |
HTTP:STC:DL:WINSOFTMAGIC-PNG |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
WinSoftMagic png File Parsing Buffer Overflow |
Release Date |
2012/12/06 |
Update Number |
2209 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: WinSoftMagic png File Parsing Buffer Overflow
This signature detects attempts to exploit a known vulnerability in WiNSoftMagic. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the targeted application. Failed exploit attempts could result in a denial of service condition.
Extended Description
WinSoftMagic Photo Editor is prone to a remote buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. Successful exploits may allow an attacker to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
Affected Products
- WinSoftMagic Photo Editor
References
- BugTraq: 39354