Buffer Overflow in IrfanView Allows Remote Code Execution via Crafted File

Buffer Overflow in IrfanView Allows Remote Code Execution via Crafted File

CVE-2013-6932 · HIGH Severity

AV:N/AC:H/AU:N/C:C/I:C/A:C

Buffer overflow in IrfanView before 4.37, when a multibyte-character directory name is used, allows user-assisted remote attackers to execute arbitrary code via a crafted file that is incorrectly handled by the Thumbnail tooltips feature in the Thumbnails window.

Learn more about our User Device Pen Test.