← back
CVE-2007-1948

CVE-2007-1948

EPSS 8.3%
Buffer overflow in IrfanView 3.99 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via the (1) xoffset or (2) yoffset RLE command, or (3) large non-RLE encoded blocks in a crafted BMP image, as demonstrated by rle8of3.bmp and rle8of4.bmp.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/29819unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://ifsec.blogspot.com/2007/04/several-windows-image-viewers.htmlhttp://osvdb.org/41554http://securityreason.com/securityalert/2558http://www.securityfocus.com/archive/1/464726/100/0/threadedhttp://www.vupen.com/english/advisories/2007/1284