cbcvebase.
CVE-2007-1948
published 2007-04-11

CVE-2007-1948: Buffer overflow in IrfanView 3.99 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via the (1) xoffset or…

PriorityP344critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
8.26%
94.2th percentile
Buffer overflow in IrfanView 3.99 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via the (1) xoffset or (2) yoffset RLE command, or (3) large non-RLE encoded blocks in a crafted BMP image, as demonstrated by rle8of3.bmp and rle8of4.bmp.

Affected

1 ranges
VendorProductVersion rangeFixed in
irfanviewirfanview
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.