CVE-2021-27362

2021-02-1715:44:06

mitre

www.cve.org

9.9 High

AI Score

Confidence

High

0.015 Low

EPSS

Percentile

86.8%

JSON

The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a Read Access Violation on Control Flow starting at WPG!ReadWPG_W+0x0000000000000133, which might allow remote attackers to execute arbitrary code.

References

sec-consult.com/vulnerability-lab/advisory/multiple-vulnerabilities-irfanview-wpg/

www.irfanview.com/plugins.htm