CVE-2017-2813

Summary

An exploitable integer overflow vulnerability exists in the JPEG 2000 parser functionality of IrfanView 4.44. A specially crafted jpeg2000 image can cause an integer overflow leading to wrong memory allocation resulting in arbitrary code execution. Vulnerability can be triggered by viewing the image in via the application or by using thumbnailing feature of IrfanView.

Affected Software

VendorProductVersion RangeStatus
IrfanviewIrfanview4.44affected

Weaknesses

  • arbitrary code execution

ADP Enrichment

CVE Program Container

Additional References

References