CVE-2013-6932 Information

Description

Buffer overflow in IrfanView before 4.37 when a multibyte-character directory name is used allows user-assisted remote attackers to execute arbitrary code via a crafted file that is incorrectly handled by the Thumbnail tooltips feature in the Thumbnails window.

Reference

http://jvn.jp/en/jp/JVN63194482/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2013-000120 http://www.irfanview.com/main_history.htm