Lucene search
HistoryOct 25, 2012 - 5:55 p.m.
CVE-2011-5233
cve-2011-5233
heap-based buffer overflow
irfanview
4.32
tiff image file
arbitrary code execution
remote attackers
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
8.3 High
AI Score
Confidence
High
0.104 Low
EPSS
Percentile
95.0%
Heap-based buffer overflow in IrfanView before 4.32 allows remote attackers to execute arbitrary code via crafted “Rows Per Strip” and “Samples Per Pixel” values in a TIFF image file.
Affected configurations
Node
irfanviewirfanviewRange≤4.30
ORirfanviewirfanviewMatch3.90
ORirfanviewirfanviewMatch3.91
ORirfanviewirfanviewMatch3.92
ORirfanviewirfanviewMatch3.95
ORirfanviewirfanviewMatch3.97
ORirfanviewirfanviewMatch3.98
ORirfanviewirfanviewMatch3.99
ORirfanviewirfanviewMatch4.00
ORirfanviewirfanviewMatch4.10
ORirfanviewirfanviewMatch4.20
ORirfanviewirfanviewMatch4.23
ORirfanviewirfanviewMatch4.25
ORirfanviewirfanviewMatch4.27
ORirfanviewirfanviewMatch4.28
Related
nessus
nessus
IrfanView < 4.32 Buffer Overflow
2012-01-16 00:00:00
prion
prion
Heap overflow
2012-10-25 17:55:00
cvelist
cvelist
CVE-2011-5233
2012-10-25 17:00:00
nvd
nvd
CVE-2011-5233
2012-10-25 17:55:07
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
8.3 High
AI Score
Confidence
High
0.104 Low
EPSS
Percentile
95.0%
Related for CVE-2011-5233