Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2017-2813
Deferred
More InfoOfficial Page
Source-talos-cna@cisco.com
View Known Exploited Vulnerability (KEV) details
Published At-21 Jun, 2017 | 19:29
Updated At-20 Apr, 2025 | 01:37

An exploitable integer overflow vulnerability exists in the JPEG 2000 parser functionality of IrfanView 4.44. A specially crafted jpeg2000 image can cause an integer overflow leading to wrong memory allocation resulting in arbitrary code execution. Vulnerability can be triggered by viewing the image in via the application or by using thumbnailing feature of IrfanView.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.08.8HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary3.07.8HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary2.06.8MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Type: Secondary
Version: 3.0
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.0
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 6.8
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
CPE Matches
IrfanView
irfanview
>>irfanview>>4.44
cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-190Primarynvd@nist.gov
CWE ID: CWE-190
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.securityfocus.com/bid/98046talos-cna@cisco.com
Third Party Advisory
VDB Entry
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0310talos-cna@cisco.com
Third Party Advisory
http://www.securityfocus.com/bid/98046af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0310af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/98046
Source: talos-cna@cisco.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0310
Source: talos-cna@cisco.com
Resource:
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/98046
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0310
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Change History
0Changes found
Details not found