exploitDog

CVE-2017-8369

Опубликовано: 05 июл. 2017

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Низкий

Описание

IrfanView version 4.44 (32bit) has a "Data from Faulting Address controls Branch Selection starting at USER32!wvsprintfA+0x00000000000002f3" issue, which might allow attackers to execute arbitrary code via a crafted file.

Ссылки

http://www.irfanview.com/plugins.htm
Product
https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-8369
Third Party Advisory
http://www.irfanview.com/plugins.htm
Product
https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-8369
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:x86:*

EPSS

Процентиль: 59%

0.00388

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-3gm9-977v-wxgv

CVSS3: 7.8

github

больше 3 лет назад

IrfanView version 4.44 (32bit) has a "Data from Faulting Address controls Branch Selection starting at USER32!wvsprintfA+0x00000000000002f3" issue, which might allow attackers to execute arbitrary code via a crafted file.

EPSS

Процентиль: 59%

0.00388

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-119