CVE-2024-6815
IrfanView RLE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
In short
IrfanView has a flaw when opening RLE image files that allows attackers to run malicious code on your computer. An attacker can trick you into opening a specially crafted RLE file, and the vulnerability will let them take control of your system.
Technical detail
A buffer overflow vulnerability in IrfanView's RLE file parser allows remote code execution when a user opens a malicious RLE file. The vulnerability stems from insufficient validation of user-supplied data during file parsing, enabling an out-of-bounds write that overwrites memory and permits arbitrary code execution within the application's process context.
Summary generated and translated by AI from the official description.
IrfanView RLE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of RLE files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23159.
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
IrfanView · IrfanViewWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →