Code injection

2021-02-1716:15:00

PRIOn knowledge base

www.prio-n.com

0.098 Low

EPSS

Percentile

94.9%

JSON

The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a user-mode write access violation starting at WPG+0x0000000000012ec6, which might allow remote attackers to execute arbitrary code.

CPENameOperatorVersion
wpglt3.1.0.0

CPE	Name	Operator	Version
	wpg	lt	3.1.0.0

References

packetstormsecurity.com/files/161449/IrfanView-4.57-Denial-Of-Service-Code-Execution.html

sec-consult.com/vulnerability-lab/advisory/multiple-vulnerabilities-irfanview-wpg/

www.irfanview.com/plugins.htm

0.098 Low

EPSS

Percentile

94.9%

JSON

Related for PRION:CVE-2021-27224