Vulnerability Name: | CVE-2007-1948 (CCN-33478) | ||||||||
Assigned: | 2007-04-04 | ||||||||
Published: | 2007-04-04 | ||||||||
Updated: | 2018-10-16 | ||||||||
Summary: | Buffer overflow in IrfanView 3.99 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via the (1) xoffset or (2) yoffset RLE command, or (3) large non-RLE encoded blocks in a crafted BMP image, as demonstrated by rle8of3.bmp and rle8of4.bmp. | ||||||||
CVSS v3 Severity: | 9.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
CVSS v2 Severity: | 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C) 8.0 High (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:POC/RL:U/RC:UR)
6.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C/E:POC/RL:U/RC:UR)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Gain Access | ||||||||
References: | Source: MITRE Type: CNA CVE-2007-1942 Source: MITRE Type: CNA CVE-2007-1943 Source: MITRE Type: CNA CVE-2007-1946 Source: MITRE Type: CNA CVE-2007-1948 Source: MITRE Type: CNA CVE-2008-5870 Source: CCN Type: Ivan Fratric's Security Blog, Wednesday, April 4, 2007 Several Windows image viewers vulnerabilities Source: MISC Type: Exploit, Vendor Advisory http://ifsec.blogspot.com/2007/04/several-windows-image-viewers.html Source: OSVDB Type: UNKNOWN 41554 Source: CCN Type: SA24779 ACDSee Products BMP Image Handling Memory Corruption Source: CCN Type: SA24784 FastStone Image Viewer BMP Image Handling Memory Corruption Source: SREASON Type: UNKNOWN 2558 Source: CCN Type: ACD System Web site ACD Products Source: CCN Type: FastStone Web site FastStone Image Viewer Source: CCN Type: OSVDB ID: 34663 ACDSee Multiple Products BMP Image Handling Overflow Source: CCN Type: OSVDB ID: 34664 FastStone Image Viewer BMP Image Handling Memory Corruption Source: CCN Type: OSVDB ID: 41553 Microsoft Windows Explorer BMP Width Dimension Handling Overflow Source: CCN Type: OSVDB ID: 41554 IrfanView BMP Image Non-RLE Encoded Block Handling Overflow Source: CCN Type: OSVDB ID: 51252 FastStone Image Viewer Malformed BMP Handling DoS Source: BUGTRAQ Type: UNKNOWN 20070404 Several Windows image viewers vulnerabilities Source: CCN Type: BID-23312 FastStone Image Viewer Multiple BMP Denial of Service Vulnerabilities Source: CCN Type: BID-23317 ACDSee 9.0 Photo Manager Multiple BMP Denial of Service Vulnerabilities Source: CCN Type: BID-23318 IrfanView Multiple BMP Denial of Service Vulnerabilities Source: CCN Type: BID-23321 Microsoft Windows Explorer BMP Image Denial of Service Vulnerability Source: VUPEN Type: UNKNOWN ADV-2007-1284 Source: XF Type: UNKNOWN multiple-vendors-bmp-bo(33478) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||
BACK |