Heap-based buffer overflow in IrfanView via a crafted PSD image with RLE compression
IrfanView before 4.27 does not properly handle an unspecified integer variable during processing of PSD images which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow related to a "sign-extension error."
- Microsoft Windows Server 2003
- Microsoft Windows 2000
- Microsoft Windows Vista
- Microsoft Windows Server 2008
- Microsoft Windows 7
- Microsoft Windows XP