CVE-2012-5904
medium
CVSS v3
—
CVSS v2
6.8
VIR risk
6.8
Description
Heap-based buffer overflow in IrfanView before 4.33 allows remote attackers to execute arbitrary code via a crafted RLE compressed bitmap file such as a DIB, RLE, or BMP image.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: cve@mitre.org — http://secunia.com/advisories/47333
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| irfanview | irfanview | {"endIncluding":"4.32"} | |
| irfanview | irfanview | 1.70 | |
| irfanview | irfanview | 1.80 | |
| irfanview | irfanview | 1.85 | |
| irfanview | irfanview | 1.90 | |
| irfanview | irfanview | 1.95 | |
| irfanview | irfanview | 1.97 | |
| irfanview | irfanview | 1.98 | |
| irfanview | irfanview | 1.98a | |
| irfanview | irfanview | 1.99 | |
| irfanview | irfanview | 2.00 | |
| irfanview | irfanview | 2.05 | |
| irfanview | irfanview | 2.07 | |
| irfanview | irfanview | 2.10 | |
| irfanview | irfanview | 2.12 | |
| irfanview | irfanview | 2.15 | |
| irfanview | irfanview | 2.17 | |
| irfanview | irfanview | 2.18 | |
| irfanview | irfanview | 2.20 | |
| irfanview | irfanview | 2.22 | |
| irfanview | irfanview | 2.25 | |
| irfanview | irfanview | 2.27 | |
| irfanview | irfanview | 2.30 | |
| irfanview | irfanview | 2.32 | |
| irfanview | irfanview | 2.35 | |
| irfanview | irfanview | 2.37 | |
| irfanview | irfanview | 2.40 | |
| irfanview | irfanview | 2.50 | |
| irfanview | irfanview | 2.52 | |
| irfanview | irfanview | 2.55 | |
| irfanview | irfanview | 2.60 | |
| irfanview | irfanview | 2.63 | |
| irfanview | irfanview | 2.65 | |
| irfanview | irfanview | 2.66 | |
| irfanview | irfanview | 2.68 | |
| irfanview | irfanview | 2.80 | |
| irfanview | irfanview | 2.82 | |
| irfanview | irfanview | 2.83 | |
| irfanview | irfanview | 2.85 | |
| irfanview | irfanview | 2.90 | |
| irfanview | irfanview | 2.92 | |
| irfanview | irfanview | 2.95 | |
| irfanview | irfanview | 2.97 | |
| irfanview | irfanview | 2.98 | |
| irfanview | irfanview | 3.00 | |
| irfanview | irfanview | 3.02 | |
| irfanview | irfanview | 3.05 | |
| irfanview | irfanview | 3.07 | |
| irfanview | irfanview | 3.10 | |
| irfanview | irfanview | 3.12 | |
| irfanview | irfanview | 3.15 | |
| irfanview | irfanview | 3.17 | |
| irfanview | irfanview | 3.20 | |
| irfanview | irfanview | 3.21 | |
| irfanview | irfanview | 3.25 | |
| irfanview | irfanview | 3.30 | |
| irfanview | irfanview | 3.33 | |
| irfanview | irfanview | 3.35 | |
| irfanview | irfanview | 3.36 | |
| irfanview | irfanview | 3.50 | |
| irfanview | irfanview | 3.51 | |
| irfanview | irfanview | 3.60 | |
| irfanview | irfanview | 3.61 | |
| irfanview | irfanview | 3.70 | |
| irfanview | irfanview | 3.75 | |
| irfanview | irfanview | 3.80 | |
| irfanview | irfanview | 3.85 | |
| irfanview | irfanview | 3.90 | |
| irfanview | irfanview | 3.91 | |
| irfanview | irfanview | 3.92 | |
| irfanview | irfanview | 3.95 | |
| irfanview | irfanview | 3.97 | |
| irfanview | irfanview | 3.98 | |
| irfanview | irfanview | 3.99 | |
| irfanview | irfanview | 4.00 | |
| irfanview | irfanview | 4.10 | |
| irfanview | irfanview | 4.20 | |
| irfanview | irfanview | 4.23 | |
| irfanview | irfanview | 4.25 | |
| irfanview | irfanview | 4.27 | |
| irfanview | irfanview | 4.28 | |
| irfanview | irfanview | 4.30 | |
References
- http://osvdb.org/80716
- http://secunia.com/advisories/47333
- http://www.irfanview.com/history_old.htm
- http://www.securityfocus.com/bid/52806
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74452
- http://osvdb.org/80716
- http://secunia.com/advisories/47333
- http://www.irfanview.com/history_old.htm
- http://www.securityfocus.com/bid/52806
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74452
CWEs
CWE-119
Verify integrity in audit chain (admin only). AS-IS.