Kodak Image Viewer TIFF image handling vulnerability

Added: 10/15/2007
CVE: CVE-2007-2217
BID: 25909
OSVDB: 37627

Background

The Windows Kodak Image Viewer is a utility for rendering various image formats. It is included in Windows 2000, and may also be present on newer versions of Windows if a computer was upgraded from Windows 2000.

Problem

A memory corruption vulnerability in the Windows Kodak Image Viewer could allow command execution when a user opens a specially crafted TIFF file.

Resolution

Install the update referenced in Microsoft Security Bulletin 07-055.

References

http://www.microsoft.com/technet/security/bulletin/MS07-055.mspx

Limitations

Exploit requires a user to open the exploit file in Kodak Image Viewer.

Platforms

Windows 2000

Back to exploit index