Vulnerability Details : CVE-2013-4988
Public exploit exists!
Stack-based buffer overflow in IcoFX 2.5 and earlier allows remote attackers to execute arbitrary code via a long idCount value in an ICONDIR structure in an ICO file. NOTE: some of these details are obtained from third party information.
Vulnerability category: OverflowExecute code
Products affected by CVE-2013-4988
- cpe:2.3:a:icofx:icofx:*:*:*:*:*:*:*:*
- cpe:2.3:a:icofx:icofx:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:icofx:icofx:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:icofx:icofx:2.3:*:*:*:*:*:*:*
- cpe:2.3:a:icofx:icofx:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:icofx:icofx:1.6:*:*:*:*:*:*:*
- cpe:2.3:a:icofx:icofx:1.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:icofx:icofx:1.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:icofx:icofx:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:icofx:icofx:1.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:icofx:icofx:1.6.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-4988
67.03%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 98 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2013-4988
-
IcoFX Stack Buffer Overflow
Disclosure Date: 2013-12-10First seen: 2020-04-26exploit/windows/fileformat/icofx_bofThis module exploits a stack-based buffer overflow vulnerability in version 2.1 of IcoFX. The vulnerability exists while parsing .ICO files, where a specially crafted ICONDIR header providing an arbitrary long number of images in the file can be used to trigger the o
CVSS scores for CVE-2013-4988
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
CWE ids for CVE-2013-4988
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-4988
-
http://www.securityfocus.com/bid/64221
IcoFX CVE-2013-4988 '.ico' File Remote Buffer Overflow Vulnerability
-
http://seclists.org/fulldisclosure/2013/Dec/54
Full Disclosure: CORE-2013-1107 - IcoFX Buffer Overflow VulnerabilityExploit
-
http://packetstormsecurity.com/files/124380/IcoFX-2.5.0.0-Buffer-Overflow.html
IcoFX 2.5.0.0 Buffer Overflow ≈ Packet StormExploit
-
http://packetstormsecurity.com/files/162995/IcoFX-2.6-Buffer-Overflow.html
IcoFX 2.6 Buffer Overflow ≈ Packet Storm
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/89611
IcoFX ICONDIRENTRY buffer overflow CVE-2013-4988 Vulnerability Report
-
http://www.coresecurity.com/advisories/icofx-buffer-overflow-vulnerability
IcoFX Buffer Overflow Vulnerability | Core SecurityExploit
-
http://archives.neohapsis.com/archives/bugtraq/2013-12/0046.html
Exploit
-
http://www.exploit-db.com/exploits/30208
IcoFX 2.5.0.0 - '.ico' Buffer Overflow (PoC) - Windows dos ExploitExploit
Jump to