CVE-2013-6932

Severity CVSS v4.0:
Pending analysis
Type:
CWE-119 Buffer Errors
Publication date:
28/12/2013
Last modified:
11/04/2025

Description

Buffer overflow in IrfanView before 4.37, when a multibyte-character directory name is used, allows user-assisted remote attackers to execute arbitrary code via a crafted file that is incorrectly handled by the Thumbnail tooltips feature in the Thumbnails window.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:irfanview:irfanview:*:*:*:*:*:*:*:* 4.36 (including)
cpe:2.3:a:irfanview:irfanview:4.00:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:4.10:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:4.20:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:4.23:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:4.25:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:4.27:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:4.28:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:4.30:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:4.32:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:4.33:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:4.35:*:*:*:*:*:*:*