PUBLISHED DATE: November 9, 1999CVE-1999-1112:
Buffer Overflow Vulnerability

Description

Buffer overflow in IrfanView32 3.07 and earlier allows attackers to execute arbitrary commands via a long string after the "8BPS" image type in a Photo Shop image header.

Products

• IrfanView IrfanView
• Irfanview
• IrfanView 1.70
• IrfanView 1.70 on x86
• IrfanView 1.80
• IrfanView 1.80 on x86
• IrfanView 1.85
• IrfanView 1.85 on x86
• IrfanView 1.90
• IrfanView 1.90 on x86
• IrfanView 1.95
• IrfanView 1.95 on x86
• IrfanView 1.97
• IrfanView 1.97 on x86
• IrfanView 1.98
• IrfanView 1.98 on x86
• IrfanView 1.98a
• IrfanView 1.98a on x86
• IrfanView 1.99
• IrfanView 1.99 on x86
• IrfanView 2.00
• IrfanView 2.00 on x86
• IrfanView 2.05
• IrfanView 2.05 on x86
• IrfanView 2.07
• IrfanView 2.07 on x86
• IrfanView 2.10
• IrfanView 2.10 on x86
• IrfanView 2.12
• IrfanView 2.12 on x86
• IrfanView 2.15
• IrfanView 2.15 on x86
• IrfanView 2.17
• IrfanView 2.17 on x86
• IrfanView 2.18
• IrfanView 2.18 on x86
• IrfanView 2.20
• IrfanView 2.20 on x86
• IrfanView 2.22
• IrfanView 2.22 on x86
• IrfanView 2.25
• IrfanView 2.25 on x86
• IrfanView 2.27
• IrfanView 2.27 on x86
• IrfanView 2.30
• IrfanView 2.30 on x86
• IrfanView 2.32
• IrfanView 2.32 on x86
• IrfanView 2.35
• IrfanView 2.35 on x86
• IrfanView 2.37
• IrfanView 2.37 on x86
• IrfanView 2.40
• IrfanView 2.40 on x86
• IrfanView 2.50
• IrfanView 2.50 on x86
• IrfanView 2.52
• IrfanView 2.52 on x86
• IrfanView 2.55
• IrfanView 2.55 on x86
• IrfanView 2.60
• IrfanView 2.60 on x86
• IrfanView 2.63
• IrfanView 2.63 on x86
• IrfanView 2.65
• IrfanView 2.65 on x86
• IrfanView 2.66
• IrfanView 2.66 on x86
• IrfanView 2.68
• IrfanView 2.68 on x86
• IrfanView 2.80
• IrfanView 2.80 on x86
• IrfanView 2.82
• IrfanView 2.82 on x86
• IrfanView 2.83
• IrfanView 2.83 on x86
• IrfanView 2.85
• IrfanView 2.85 on x86
• IrfanView 2.90
• IrfanView 2.90 on x86
• IrfanView 2.92
• IrfanView 2.92 on x86
• IrfanView 2.95
• IrfanView 2.95 on x86
• IrfanView 2.97
• IrfanView 2.97 on x86
• IrfanView 2.98
• IrfanView 2.98 on x86
• IrfanView 3.00
• IrfanView 3.00 on x86

Questions to Ask Vendors

1. Can you confirm whether your systems are affected by CVE-1999-1112, and if so, what steps are you currently taking to mitigate this vulnerability?
2. What is your estimated timeline for fully resolving CVE-1999-1112 in your products or services, and how will you communicate updates on this issue to us as your customer?

Recommended Actions

• Check out the advisory links provided below.

References

• https://nvd.nist.gov/vuln/detail/CVE-1999-1112