IrfanView MrSID Plugin < 4.37 Multiple Buffer Overflows

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

An application on the remote host is affected by multiple buffer
overflow vulnerabilities.

Description :

The version of the IrfanView MrSID plugin (MrSID.dll) installed on the
remote Windows host is a version prior to 4.37. It is, therefore,
affected by multiple buffer overflow vulnerabilities :

- A stack-based buffer overflow exists due to improper
validation of the 'IMAGE' tag. (CVE-2013-3944)

- A heap-based buffer overflow exists due to improper
validation of the 'nband' tag. (CVE-2013-3945)

- An integer overflow exists due to improper validation
of the 'levels' header, which could lead to a heap-based
buffer overflow. (CVE-2013-3946)

An attacker can exploit these issues by sending a specially crafted SID
file, which could result in a denial of service or arbitrary code
execution.

See also :

http://secunia.com/advisories/54444/
http://www.irfanview.com/plugins.htm
http://www.irfanview.com/main_history.htm

Solution :

Upgrade the MrSID plugin to version 4.3.7.0 (4.37) or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.1
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 72394 ()

Bugtraq ID: 64385
64387
64389

CVE ID: CVE-2013-3944
CVE-2013-3945
CVE-2013-3946