CVE-2021-46064

HIGH

IrfanView 4.59 - Buffer Overflow via TIFF Image Parsing

Title source: llm
STIX 2.1

Description

IrfanView 4.59 is vulnerable to buffer overflow via the function at address 0x413c70 (in 32bit version of the binary). The vulnerability triggers when the user opens malicious .tiff image.

References (3)

Core 3
Core References
Product x_refsource_misc
http://irfanview.com
Product, URL Repurposed
http://irfan.com
Release Notes, Vendor Advisory
https://www.irfanview.info/main_history.htm

Scores

CVSS v3 7.8
EPSS 0.0110
EPSS Percentile 61.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-120
Status published
Products (1)
irfanview/irfanview 4.59
Published Mar 23, 2022
Tracked Since Feb 18, 2026