IrfanView Multiple Buffer Overflow Vulnerabilities
Last Update Date:
2 Apr 2012 11:28
Release Date:
2 Apr 2012
5612
Views
RISK: Medium Risk
TYPE: Clients - Graphics & Design
Multiple vulnerabilities have been identified in IrfanView, which can be exploited by malicious people to compromise a user's system.
- A boundary error when processing RLE compressed bitmap files can be exploited to cause a heap-based buffer overflow by e.g. tricking a user into opening a specially crafted DIB, RLE, or BMP image.
- The application bundles a vulnerable version of JPEG2000 PlugIn.
Impact
- Remote Code Execution
System / Technologies affected
- IrfanView 4.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Update to version 4.33.
Vulnerability Identifier
- No CVE information is available
Source
Related Link
Share with