[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248585

 
 

909

 
 

195621

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

Write access violation vulnerability in IrfanView - CVE-2023-26974

ID: oval:org.secpod.oval:def:88921Date: (C)2023-04-11   (M)2023-11-10
Class: VULNERABILITYFamily: windows




The host is installed with IrfanView 4.62 with JPEG2000.dll plugin 4.56.0.0 and is prone to a write access violation vulnerability. A flaw is present in the application, which fails to handle an issues in unspecified vectors. Successful exploitation could allows a user-mode write access violation via a crafted JPEG 2000 file starting at JPEG2000+0x0000000000001bf0.

Platform:
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows 10
Microsoft Windows 7
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows Server
Microsoft Windows 11
Microsoft Windows Server 2022
Product:
IrfanView
Reference:
CVE-2023-26974
CVE    1
CVE-2023-26974
CPE    2
cpe:/a:irfanview:irfanview:::x64
cpe:/a:irfanview:irfanview

© SecPod Technologies