EIP-2026-115470

PRE-CVE

IrfanView 4.44 - Denial of Service

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115470. PoCs published by Dreivan Orprecio.

AI-analyzed exploit summary This exploit demonstrates a buffer overflow vulnerability in IrfanView 4.44 via the 'OtherExtensions' input field. It uses a JMP ESP instruction from user32.dll to redirect execution, though shellcode constraints are noted due to bad characters and limited space.

Description

IrfanView 4.44 - Denial of Service

Exploits (1)

exploitdb WORKING POC VERIFIED

by Dreivan Orprecio · pythondoswindows

https://www.exploit-db.com/exploits/41949

View Code ZIP pw:eip

This exploit demonstrates a buffer overflow vulnerability in IrfanView 4.44 via the 'OtherExtensions' input field. It uses a JMP ESP instruction from user32.dll to redirect execution, though shellcode constraints are noted due to bad characters and limited space.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: IrfanView 4.44

No auth needed

Prerequisites: IrfanView 4.44 installed on Windows XP SP3 (32-bit) · User interaction to paste payload into 'OtherExtensions' field

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026