Description
Heap-based buffer overflow in jpeg_ls.dll in the Jpeg_LS (aka JLS) plugin in the formats plugins in IrfanView PlugIns before 4.34 allows remote attackers to execute arbitrary code via a crafted JLS file.
Exploits (1)
References (2)
Core 2
Core References
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2012-06/0191.html
Various Sources x_refsource_misc
http://www.reactionpenetrationtesting.co.uk/Irfanview-JLS-Heap-Overflow.html
Scores
EPSS
0.2252
EPSS Percentile
95.9%
Details
CWE
CWE-119
Status
published
Products (1)
irfanview/irfanview_plugins
< 4.33
Published
Jul 05, 2012
Tracked Since
Feb 18, 2026