Описание
Buffer overflow in IrfanView before 4.37, when a multibyte-character directory name is used, allows user-assisted remote attackers to execute arbitrary code via a crafted file that is incorrectly handled by the Thumbnail tooltips feature in the Thumbnails window.
Уязвимые конфигурации
Конфигурация 1Версия до 4.36 (включая)
Одно из
cpe:2.3:a:irfanview:irfanview:*:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:4.00:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:4.10:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:4.20:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:4.23:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:4.25:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:4.27:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:4.28:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:4.30:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:4.32:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:4.33:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:4.35:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.09879
Низкий
7.6 High
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
больше 3 лет назад
Buffer overflow in IrfanView before 4.37, when a multibyte-character directory name is used, allows user-assisted remote attackers to execute arbitrary code via a crafted file that is incorrectly handled by the Thumbnail tooltips feature in the Thumbnails window.
EPSS
Процентиль: 93%
0.09879
Низкий
7.6 High
CVSS2
Дефекты
CWE-119