Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-5904

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2012-5904
Last Modified 19 Nov 2012 12:00:00
Published 17 Nov 2012 04:55:05
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-5904

Summary

Heap-based buffer overflow in IrfanView before 4.33 allows remote attackers to execute arbitrary code via a crafted RLE compressed bitmap file such as a DIB, RLE, or BMP image.

Vulnerable Systems

Application

  • Irfanview 1.70

  • Irfanview 1.80

  • Irfanview 1.85

  • Irfanview 1.90

  • Irfanview 1.95

  • Irfanview 1.97

  • Irfanview 1.98

  • Irfanview 1.98a

  • Irfanview 1.99

  • Irfanview 2.00

  • Irfanview 2.05

  • Irfanview 2.07

  • Irfanview 2.10

  • Irfanview 2.12

  • Irfanview 2.15

  • Irfanview 2.17

  • Irfanview 2.18

  • Irfanview 2.20

  • Irfanview 2.22

  • Irfanview 2.25

  • Irfanview 2.27

  • Irfanview 2.30

  • Irfanview 2.32

  • Irfanview 2.35

  • Irfanview 2.37

  • Irfanview 2.40

  • Irfanview 2.50

  • Irfanview 2.52

  • Irfanview 2.55

  • Irfanview 2.60

  • Irfanview 2.63

  • Irfanview 2.65

  • Irfanview 2.66

  • Irfanview 2.68

  • Irfanview 2.80

  • Irfanview 2.82

  • Irfanview 2.83

  • Irfanview 2.85

  • Irfanview 2.90

  • Irfanview 2.92

  • Irfanview 2.95

  • Irfanview 2.97

  • Irfanview 2.98

  • Irfanview 3.00

  • Irfanview 3.02

  • Irfanview 3.05

  • Irfanview 3.07

  • Irfanview 3.10

  • Irfanview 3.12

  • Irfanview 3.15

  • Irfanview 3.17

  • Irfanview 3.20

  • Irfanview 3.21

  • Irfanview 3.25

  • Irfanview 3.30

  • Irfanview 3.33

  • Irfanview 3.35

  • Irfanview 3.36

  • Irfanview 3.50

  • Irfanview 3.51

  • Irfanview 3.60

  • Irfanview 3.61

  • Irfanview 3.70

  • Irfanview 3.75

  • Irfanview 3.80

  • Irfanview 3.85

  • Irfanview 3.90

  • Irfanview 3.91

  • Irfanview 3.92

  • Irfanview 3.95

  • Irfanview 3.97

  • Irfanview 3.98

  • Irfanview 3.99

  • Irfanview 4.00

  • Irfanview 4.10

  • Irfanview 4.20

  • Irfanview 4.23

  • Irfanview 4.25

  • Irfanview 4.27

  • Irfanview 4.28

  • Irfanview 4.30

  • Irfanview 4.32


References

XF - irfanview-dibrlebmp-bo(74452)

BID - 52806

CONFIRM - http://www.irfanview.com/history_old.htm

SECUNIA - 47333

OSVDB - 80716


Last Updated: 27 May 2016 10:58:28