CVE-2013-6932
IrfanView < 4.37 - Buffer Overflow via Thumbnail Tooltips in Thumbnails Window
Title source: llmDescription
Buffer overflow in IrfanView before 4.37, when a multibyte-character directory name is used, allows user-assisted remote attackers to execute arbitrary code via a crafted file that is incorrectly handled by the Thumbnail tooltips feature in the Thumbnails window.
References (3)
Core 3
Core References
Third Party Advisory third-party-advisory
x_refsource_jvn
http://jvn.jp/en/jp/JVN63194482/index.html
Various Sources x_refsource_confirm
http://www.irfanview.com/main_history.htm
Third Party Advisory third-party-advisory
x_refsource_jvndb
http://jvndb.jvn.jp/jvndb/JVNDB-2013-000120
Scores
EPSS
0.1498
EPSS Percentile
94.7%
Details
CWE
CWE-119
Status
published
Products (12)
irfanview/irfanview
4.00
irfanview/irfanview
4.10
irfanview/irfanview
4.20
irfanview/irfanview
4.23
irfanview/irfanview
4.25
irfanview/irfanview
4.27
irfanview/irfanview
4.28
irfanview/irfanview
4.30
irfanview/irfanview
4.32
irfanview/irfanview
4.33
... and 2 more
Published
Dec 28, 2013
Tracked Since
Feb 18, 2026