Irfanview
CVE-2024-9261
HIGH
Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
IrfanView SID File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of SID files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23283.
AnalysisAI
IrfanView SID File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-121. IrfanView SID File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SID files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23283. Affected products include: Irfanview.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Stack-based buffer overflow in the JPEG2000 plugin in IrfanView PlugIns before 4.33 allows remote attackers to execute a
In IrfanView 4.53, Data from a Faulting Address controls a subsequent Write Address starting at image00400000+0x00000000
IrfanView 4.52 has a User Mode Write AV starting at image00400000+0x00000000000249c6. Rated high severity (CVSS 7.8), th
IrfanView 4.52 has a User Mode Write AV starting at image00400000+0x0000000000013a98. Rated high severity (CVSS 7.8), th
irfanView 4.56 contains an error processing parsing files of type .pcx. Rated high severity (CVSS 7.5), this vulnerabili
Buffer overflow in IrfanView before 4.37, when a multibyte-character directory name is used, allows user-assisted remote
Irfanview v4.62 allows a user-mode write access violation via a crafted JPEG 2000 file starting at JPEG2000+0x0000000000
An exploitable integer overflow vulnerability exists in the JPEG 2000 parser functionality of IrfanView 4.44. Rated high
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000038ed4. Rated hig
Heap-based buffer overflow in IrfanView before 4.37 allows remote attackers to execute arbitrary code via the LZW code s
Heap-based buffer overflow in IrfanView before 4.33 allows remote attackers to execute arbitrary code via a crafted RLE
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows remote attackers to execute arbitrary code or cause a denial
Same weakness CWE-121 – Stack-based Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today