CVE-2009-2118 Information

Description

Integer overflow in IrfanView 4.23 when the resampling or screen fitting option is enabled allows remote attackers to execute arbitrary code via a crafted TIFF 1 BPP image which triggers a heap-based buffer overflow.

Reference

http://osvdb.org/55150 http://secunia.com/advisories/35359 http://www.irfanview.com/main_history.htm http://www.securityfocus.com/bid/35423