Integer overflow in the FORMATS Plugin prior to 4.23 for IrfanView allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via a large XPM file that triggers a heap-based buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
irfanview formats |
||
irfanview formats 4.20 |
||
irfanview formats 4.10 |
||
irfanview formats 4.00 |