IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at JPEG_LS+0x0000000000001d8a.
References
Link | Resource |
---|---|
https://www.irfanview.com/main_history.htm | Release Notes Vendor Advisory |
https://github.com/linhlhq/research/blob/master/README.md | Third Party Advisory |
Configurations
Information
Published : 2019-10-08 05:15
Updated : 2019-10-10 07:00
NVD link : CVE-2019-17244
Mitre link : CVE-2019-17244
JSON object : View
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Products Affected
irfanview
- irfanview