Lucene search
K

4 matches found

seebug.org
seebug.org
added 2014/01/02 12:0 a.m.25 views

IrfanView远程缓冲区溢出漏洞

BUGTRAQ ID: 64561 CVECAN ID: CVE-2013-6932 IrfanView是一款快速、免费的图像查看器、浏览器、转换器。FORMATS插件可允许IrfanView读取不常见图形格式。 IrfanView 4.36及其他版本在实现上存在缓冲区溢出漏洞,使用了多字节的目录名称后,远程攻击者通过缩略图窗口内的缩略图提示信息功能所处理过的特制文件,利用此漏洞可执行任意代码。 0 IrfanView IrfanView 4.37 厂商补丁: IrfanView --------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

7.6CVSS6.4AI score0.05749EPSS
Exploits1
NVD
NVD
added 2013/12/28 4:53 a.m.16 views

CVE-2013-6932

Buffer overflow in IrfanView before 4.37, when a multibyte-character directory name is used, allows user-assisted remote attackers to execute arbitrary code via a crafted file that is incorrectly handled by the Thumbnail tooltips feature in the Thumbnails window...

7.6CVSS7.7AI score0.05749EPSS
Exploits1References3
CVE
CVE
added 2013/12/28 2:0 a.m.62 views

CVE-2013-6932

CVE-2013-6932 affects IrfanView up to version 4.37. A buffer overflow occurs when handling a crafted file in the Thumbnails window’s Tooltip feature with a folder name containing multibyte characters, enabling user-assisted remote code execution. Multiple sources (NVD/NJVM/JVN/JVNDB, Nessus/Tenab...

7.6CVSS7.9AI score0.05749EPSS
Exploits1References3Affected Software1
Kaspersky
Kaspersky
added 2013/12/16 12:0 a.m.42 views

KLA10229 ACE vulnerabilities in IrfanView

A buffer overflow was found in IrfanView. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed GIF file or a specially designed thumbnail in the file. Original advisories IrfanView changelog Related...

7.6CVSS7.7AI score0.05749EPSS
Exploits1References3
Rows per page
Query Builder