VYPR

Irfanview

by IrfanView

CVEs (373)

  • CVE-2020-23550Sep 16, 2022
    risk 0.00cvss epss 0.00

    IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e82.

  • CVE-2020-23563Jul 17, 2022
    risk 0.00cvss epss 0.00

    IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000002cba.

  • CVE-2020-23562Jul 17, 2022
    risk 0.00cvss epss 0.00

    IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000000aefe.

  • CVE-2020-23561Jul 17, 2022
    risk 0.00cvss epss 0.00

    IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000005722.

  • CVE-2021-46064Mar 23, 2022
    risk 0.00cvss epss 0.01

    IrfanView 4.59 is vulnerable to buffer overflow via the function at address 0x413c70 (in 32bit version of the binary). The vulnerability triggers when the user opens malicious .tiff image.

  • CVE-2020-23545Dec 15, 2021
    risk 0.00cvss epss 0.01

    IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ReadXPM_W+0x0000000000000531.

  • CVE-2020-23567Nov 5, 2021
    risk 0.00cvss epss 0.01

    Irfanview v4.53 allows attackers to to cause a denial of service (DoS) via a crafted JPEG 2000 file. Related to "Integer Divide By Zero starting at JPEG2000!ShowPlugInSaveOptions_W+0x00000000000082ea"

  • CVE-2020-23566Nov 5, 2021
    risk 0.00cvss epss 0.01

    Irfanview v4.53 was discovered to contain an infinity loop via JPEG2000!ShowPlugInSaveOptions_W+0x1ecd8.

  • CVE-2020-23565Nov 5, 2021
    risk 0.00cvss epss 0.01

    Irfanview v4.53 allows attackers to execute arbitrary code via a crafted JPEG 2000 file. Related to a "Data from Faulting Address controls Branch Selection starting at JPEG2000!ShowPlugInSaveOptions_W+0x0000000000032850".

  • CVE-2020-23549Oct 28, 2021
    risk 0.00cvss epss 0.01

    IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted .cr2 file, related to a "Data from Faulting Address controls Branch Selection starting at FORMATS!GetPlugInInfo+0x00000000000047f6".

  • CVE-2020-23546Oct 28, 2021
    risk 0.00cvss epss 0.01

    IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted XBM file, related to a "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FORMATS!ReadMosaic+0x0000000000000981.

  • CVE-2021-29367Sep 28, 2021
    risk 0.00cvss epss 0.01

    A buffer overflow vulnerability in WPG+0x1dda of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted WPG file.

  • CVE-2021-29365Sep 28, 2021
    risk 0.00cvss epss 0.01

    Irfanview 4.57 is affected by an infinite loop when processing a crafted BMP file in the EFFECTS!AutoCrop_W component. This can cause a denial of service (DOS).

  • CVE-2021-29366Sep 28, 2021
    risk 0.00cvss epss 0.01

    A buffer overflow vulnerability in FORMATS!GetPlugInInfo+0x2de9 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.

  • CVE-2021-29364Sep 28, 2021
    risk 0.00cvss epss 0.01

    A buffer overflow vulnerability in Formats!ReadRAS_W+0x1001 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.

  • CVE-2021-29363Sep 28, 2021
    risk 0.00cvss epss 0.01

    A buffer overflow vulnerability in FORMATS!ReadRAS_W+0xa74 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.0xa74

  • CVE-2021-29362Sep 28, 2021
    risk 0.00cvss epss 0.01

    A buffer overflow vulnerability in FORMATS!ReadRAS_W+0xa30 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.

  • CVE-2021-29361Sep 28, 2021
    risk 0.00cvss epss 0.01

    A buffer overflow vulnerability in FORMATS!Read_Utah_RLE+0x340 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.

  • CVE-2021-29360Sep 28, 2021
    risk 0.00cvss epss 0.01

    A buffer overflow vulnerability in FORMATS!Read_Utah_RLE+0x37a of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.

  • CVE-2021-29358Sep 28, 2021
    risk 0.00cvss epss 0.01

    A buffer overflow vulnerability in FORMATS!ReadPVR_W+0xfa of Irfanview 4.57 allows attackers to cause a denial of service (DOS) via a crafted PVR file.