CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-2813

An exploitable integer overflow vulnerability exists in the JPEG 2000 parser functionality of IrfanView 4.44. A specially crafted jpeg2000 image can cause an integer overflow leading to wrong memory allocation resulting in arbitrary code execution. Vulnerability can be triggered by viewing the image in via the application or by using thumbnailing feature of IrfanView.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.0%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

http://www.securityfocus.com/bid/98046
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0310
http://www.securityfocus.com/bid/98046
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0310

Products affected by CVE-2017-2813

Irfanview » Irfanview » Version: 4.44

cpe:2.3:a:irfanview:irfanview:4.44

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-2813

Products

Pricing

Contact Us