Heap-based buffer overflow in IrfanView before 4.32 allows remote attackers to execute arbitrary code via crafted "Rows Per Strip" and "Samples Per Pixel" values in a TIFF image file.
https://exchange.xforce.ibmcloud.com/vulnerabilities/71891
http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=30&Itemid=30