Heap-based buffer overflow in IrfanView before 4.27 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PSD image with RLE compression.
Max CVSS
5.0
EPSS Score
13.07%
Published
2010-05-14
Updated
2018-10-10
IrfanView before 4.27 does not properly handle an unspecified integer variable during processing of PSD images, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow, related to a "sign-extension error."
Max CVSS
5.0
EPSS Score
13.07%
Published
2010-05-14
Updated
2018-10-10
2 vulnerabilities found