Published: 11/04/2007 Updated: 16/10/2018

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Buffer overflow in IrfanView 3.99 allows context-dependent malicious users to cause a denial of service and possibly execute arbitrary code via the (1) xoffset or (2) yoffset RLE command, or (3) large non-RLE encoded blocks in a crafted BMP image, as demonstrated by rle8of3.bmp and rle8of4.bmp.

Vulnerable Product	Search on Vulmon	Subscribe to Product
irfanview irfanview 3.99

source: wwwsecurityfocuscom/bid/23318/info IrfanView is prone to multiple denial-of-service vulnerabilities because the application fails to properly handle malformed BMP image files Successfully exploiting these issues allows attackers to crash the affected application Due to the nature of the issues, code execution may also be possib ...

NVD-CWE-Other http://ifsec.blogspot.com/2007/04/several-windows-image-viewers.html http://securityreason.com/securityalert/2558 http://osvdb.org/41554 http://www.vupen.com/english/advisories/2007/1284 http://www.securityfocus.com/archive/1/464726/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/29819/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-1948

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect