CVE-2013-6932
Severity CVSS v4.0:
Pending analysis
Type:
CWE-119
Buffer Errors
Publication date:
28/12/2013
Last modified:
11/04/2025
Description
Buffer overflow in IrfanView before 4.37, when a multibyte-character directory name is used, allows user-assisted remote attackers to execute arbitrary code via a crafted file that is incorrectly handled by the Thumbnail tooltips feature in the Thumbnails window.
Impact
Base Score 2.0
7.60
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:irfanview:irfanview:*:*:*:*:*:*:*:* | 4.36 (including) | |
| cpe:2.3:a:irfanview:irfanview:4.00:*:*:*:*:*:*:* | ||
| cpe:2.3:a:irfanview:irfanview:4.10:*:*:*:*:*:*:* | ||
| cpe:2.3:a:irfanview:irfanview:4.20:*:*:*:*:*:*:* | ||
| cpe:2.3:a:irfanview:irfanview:4.23:*:*:*:*:*:*:* | ||
| cpe:2.3:a:irfanview:irfanview:4.25:*:*:*:*:*:*:* | ||
| cpe:2.3:a:irfanview:irfanview:4.27:*:*:*:*:*:*:* | ||
| cpe:2.3:a:irfanview:irfanview:4.28:*:*:*:*:*:*:* | ||
| cpe:2.3:a:irfanview:irfanview:4.30:*:*:*:*:*:*:* | ||
| cpe:2.3:a:irfanview:irfanview:4.32:*:*:*:*:*:*:* | ||
| cpe:2.3:a:irfanview:irfanview:4.33:*:*:*:*:*:*:* | ||
| cpe:2.3:a:irfanview:irfanview:4.35:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page