Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-5233

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-5233
Last Modified 26 Oct 2012 12:00:00
Published 25 Oct 2012 01:55:07
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-5233

Summary

Heap-based buffer overflow in IrfanView before 4.32 allows remote attackers to execute arbitrary code via crafted "Rows Per Strip" and "Samples Per Pixel" values in a TIFF image file.

Vulnerable Systems

Application

  • Irfanview 3.90

  • Irfanview 3.91

  • Irfanview 3.92

  • Irfanview 3.95

  • Irfanview 3.97

  • Irfanview 3.98

  • Irfanview 3.99

  • Irfanview 4.00

  • Irfanview 4.10

  • Irfanview 4.20

  • Irfanview 4.23

  • Irfanview 4.25

  • Irfanview 4.27

  • Irfanview 4.28

  • Irfanview 4.30


References

XF - irfanview-tiff-bo(71891)

MISC - http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=30&Itemid=30

OSVDB - 77957

CONFIRM - http://www.irfanview.com/history_old.htm

EXPLOIT-DB - 18257

SECUNIA - 47065


Last Updated: 27 May 2016 11:01:16