Code injection

2017-07-0520:29:00

PRIOn knowledge base

www.prio-n.com

8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.2%

JSON

IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow attackers to cause a denial of service or execute arbitrary code via a crafted file, related to “Data from Faulting Address controls Branch Selection starting at KERNELBASE!EnumResourceTypesInternal+0x0000000000000589.”

CPENameOperatorVersion
irfanvieweq4.44
toolseq4.50

CPE	Name	Operator	Version
	irfanview	eq	4.44
	tools	eq	4.50

References

github.com/wlinzi/security_advisories/tree/master/CVE-2017-9923