Irfanview
by IrfanView
CVEs (373)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-23550 | 0.00 | — | 0.00 | Sep 16, 2022 | IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e82. | |||
| CVE-2020-23563 | 0.00 | — | 0.00 | Jul 17, 2022 | IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000002cba. | |||
| CVE-2020-23562 | 0.00 | — | 0.00 | Jul 17, 2022 | IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000000aefe. | |||
| CVE-2020-23561 | 0.00 | — | 0.00 | Jul 17, 2022 | IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000005722. | |||
| CVE-2021-46064 | 0.00 | — | 0.01 | Mar 23, 2022 | IrfanView 4.59 is vulnerable to buffer overflow via the function at address 0x413c70 (in 32bit version of the binary). The vulnerability triggers when the user opens malicious .tiff image. | |||
| CVE-2020-23545 | 0.00 | — | 0.01 | Dec 15, 2021 | IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ReadXPM_W+0x0000000000000531. | |||
| CVE-2020-23567 | 0.00 | — | 0.01 | Nov 5, 2021 | Irfanview v4.53 allows attackers to to cause a denial of service (DoS) via a crafted JPEG 2000 file. Related to "Integer Divide By Zero starting at JPEG2000!ShowPlugInSaveOptions_W+0x00000000000082ea" | |||
| CVE-2020-23566 | 0.00 | — | 0.01 | Nov 5, 2021 | Irfanview v4.53 was discovered to contain an infinity loop via JPEG2000!ShowPlugInSaveOptions_W+0x1ecd8. | |||
| CVE-2020-23565 | 0.00 | — | 0.01 | Nov 5, 2021 | Irfanview v4.53 allows attackers to execute arbitrary code via a crafted JPEG 2000 file. Related to a "Data from Faulting Address controls Branch Selection starting at JPEG2000!ShowPlugInSaveOptions_W+0x0000000000032850". | |||
| CVE-2020-23549 | 0.00 | — | 0.01 | Oct 28, 2021 | IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted .cr2 file, related to a "Data from Faulting Address controls Branch Selection starting at FORMATS!GetPlugInInfo+0x00000000000047f6". | |||
| CVE-2020-23546 | 0.00 | — | 0.01 | Oct 28, 2021 | IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted XBM file, related to a "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FORMATS!ReadMosaic+0x0000000000000981. | |||
| CVE-2021-29367 | 0.00 | — | 0.01 | Sep 28, 2021 | A buffer overflow vulnerability in WPG+0x1dda of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted WPG file. | |||
| CVE-2021-29365 | 0.00 | — | 0.01 | Sep 28, 2021 | Irfanview 4.57 is affected by an infinite loop when processing a crafted BMP file in the EFFECTS!AutoCrop_W component. This can cause a denial of service (DOS). | |||
| CVE-2021-29366 | 0.00 | — | 0.01 | Sep 28, 2021 | A buffer overflow vulnerability in FORMATS!GetPlugInInfo+0x2de9 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file. | |||
| CVE-2021-29364 | 0.00 | — | 0.01 | Sep 28, 2021 | A buffer overflow vulnerability in Formats!ReadRAS_W+0x1001 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file. | |||
| CVE-2021-29363 | 0.00 | — | 0.01 | Sep 28, 2021 | A buffer overflow vulnerability in FORMATS!ReadRAS_W+0xa74 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.0xa74 | |||
| CVE-2021-29362 | 0.00 | — | 0.01 | Sep 28, 2021 | A buffer overflow vulnerability in FORMATS!ReadRAS_W+0xa30 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file. | |||
| CVE-2021-29361 | 0.00 | — | 0.01 | Sep 28, 2021 | A buffer overflow vulnerability in FORMATS!Read_Utah_RLE+0x340 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file. | |||
| CVE-2021-29360 | 0.00 | — | 0.01 | Sep 28, 2021 | A buffer overflow vulnerability in FORMATS!Read_Utah_RLE+0x37a of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file. | |||
| CVE-2021-29358 | 0.00 | — | 0.01 | Sep 28, 2021 | A buffer overflow vulnerability in FORMATS!ReadPVR_W+0xfa of Irfanview 4.57 allows attackers to cause a denial of service (DOS) via a crafted PVR file. |
- CVE-2020-23550Sep 16, 2022risk 0.00cvss —epss 0.00
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e82.
- CVE-2020-23563Jul 17, 2022risk 0.00cvss —epss 0.00
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000002cba.
- CVE-2020-23562Jul 17, 2022risk 0.00cvss —epss 0.00
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000000aefe.
- CVE-2020-23561Jul 17, 2022risk 0.00cvss —epss 0.00
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000005722.
- CVE-2021-46064Mar 23, 2022risk 0.00cvss —epss 0.01
IrfanView 4.59 is vulnerable to buffer overflow via the function at address 0x413c70 (in 32bit version of the binary). The vulnerability triggers when the user opens malicious .tiff image.
- CVE-2020-23545Dec 15, 2021risk 0.00cvss —epss 0.01
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ReadXPM_W+0x0000000000000531.
- CVE-2020-23567Nov 5, 2021risk 0.00cvss —epss 0.01
Irfanview v4.53 allows attackers to to cause a denial of service (DoS) via a crafted JPEG 2000 file. Related to "Integer Divide By Zero starting at JPEG2000!ShowPlugInSaveOptions_W+0x00000000000082ea"
- CVE-2020-23566Nov 5, 2021risk 0.00cvss —epss 0.01
Irfanview v4.53 was discovered to contain an infinity loop via JPEG2000!ShowPlugInSaveOptions_W+0x1ecd8.
- CVE-2020-23565Nov 5, 2021risk 0.00cvss —epss 0.01
Irfanview v4.53 allows attackers to execute arbitrary code via a crafted JPEG 2000 file. Related to a "Data from Faulting Address controls Branch Selection starting at JPEG2000!ShowPlugInSaveOptions_W+0x0000000000032850".
- CVE-2020-23549Oct 28, 2021risk 0.00cvss —epss 0.01
IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted .cr2 file, related to a "Data from Faulting Address controls Branch Selection starting at FORMATS!GetPlugInInfo+0x00000000000047f6".
- CVE-2020-23546Oct 28, 2021risk 0.00cvss —epss 0.01
IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted XBM file, related to a "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FORMATS!ReadMosaic+0x0000000000000981.
- CVE-2021-29367Sep 28, 2021risk 0.00cvss —epss 0.01
A buffer overflow vulnerability in WPG+0x1dda of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted WPG file.
- CVE-2021-29365Sep 28, 2021risk 0.00cvss —epss 0.01
Irfanview 4.57 is affected by an infinite loop when processing a crafted BMP file in the EFFECTS!AutoCrop_W component. This can cause a denial of service (DOS).
- CVE-2021-29366Sep 28, 2021risk 0.00cvss —epss 0.01
A buffer overflow vulnerability in FORMATS!GetPlugInInfo+0x2de9 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.
- CVE-2021-29364Sep 28, 2021risk 0.00cvss —epss 0.01
A buffer overflow vulnerability in Formats!ReadRAS_W+0x1001 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.
- CVE-2021-29363Sep 28, 2021risk 0.00cvss —epss 0.01
A buffer overflow vulnerability in FORMATS!ReadRAS_W+0xa74 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.0xa74
- CVE-2021-29362Sep 28, 2021risk 0.00cvss —epss 0.01
A buffer overflow vulnerability in FORMATS!ReadRAS_W+0xa30 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.
- CVE-2021-29361Sep 28, 2021risk 0.00cvss —epss 0.01
A buffer overflow vulnerability in FORMATS!Read_Utah_RLE+0x340 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.
- CVE-2021-29360Sep 28, 2021risk 0.00cvss —epss 0.01
A buffer overflow vulnerability in FORMATS!Read_Utah_RLE+0x37a of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.
- CVE-2021-29358Sep 28, 2021risk 0.00cvss —epss 0.01
A buffer overflow vulnerability in FORMATS!ReadPVR_W+0xfa of Irfanview 4.57 allows attackers to cause a denial of service (DOS) via a crafted PVR file.
Page 17 of 19