[] NeoSense
E X P L O I T S
title author type platform port cve id

JPEGView 1.0.29 - Crash (PoC)

Author: Debasish Mandal
type: dos
platform: windows
port: 
date_added: 2013-11-19 
date_updated: 2013-11-19 
verified: 0 
codes: OSVDB-100017 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comJPEGView_1_0_29.zip
Title: JPEGView - Image Viewer and Editor RCE POC
Date: 18 November'13
Author: Debasish Mandal ( https://twitter.com/debasishm89 )
Version: JPEGView v1.0.29
Download Link : http://sourceforge.net/projects/jpegview/
Vendor Patch : Patched in version v1.0.30
Issue Ticket : http://sourceforge.net/p/jpegview/bugs/31/
Release Note : http://sourceforge.net/projects/jpegview/files/jpegview/1.0.30/
Tested on: Windows XP SP2

A read access violation near function pointer call can be triggered by feeding a specially crafted
image(width or height smaller than 65535 ) which could lead to code exec.

The file that causes the AV is attached:

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/29707.gif
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.