CVE-2009-0197
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
CVE
CVE-2009-0197
Status
UNKNOWN
Description
Integer overflow in the FORMATS Plugin before 4.23 for IrfanView allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large XPM file that triggers a heap-based buffer overflow.
Severity
High
CVSS score
9,3
CVSS vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Phase
ASSIGNED (10.04.2009)
NVD:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0197
References
BID :
34402
BUGTRAQ :
20090407 Secunia Research: IrfanView Formats Plug-in XPM Parsing Integer Overflow
CONFIRM :
http://www.irfanview.com/plugins.htm
MISC :
http://secunia.com/secunia_research/2009-20/
OSVDB :
53323
SECUNIA :
34525
VUPEN :
ADV-2009-0953
XF :
irfanview-formatsplugin-xpm-bo(49717)
SecurityVulns:
IrfanView integer overflow
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
test server
