VYPR

Irfanview

by IrfanView

CVEs (373)

  • CVE-2019-17241Oct 8, 2019
    risk 0.00cvss epss 0.01

    IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000d563.

  • CVE-2019-16887Sep 25, 2019
    risk 0.00cvss epss 0.02

    In IrfanView 4.53, Data from a Faulting Address controls a subsequent Write Address starting at image00400000+0x000000000001dcfc.

  • CVE-2019-13243Jul 4, 2019
    risk 0.00cvss epss 0.02

    IrfanView 4.52 has a User Mode Write AV starting at image00400000+0x00000000000249c6.

  • CVE-2019-13242Jul 4, 2019
    risk 0.00cvss epss 0.02

    IrfanView 4.52 has a User Mode Write AV starting at image00400000+0x0000000000013a98.

  • CVE-2013-5351Feb 14, 2014
    risk 0.00cvss epss 0.05

    Heap-based buffer overflow in IrfanView before 4.37 allows remote attackers to execute arbitrary code via the LZW code stream in a GIF file.

  • CVE-2013-6932Dec 28, 2013
    risk 0.00cvss epss 0.06

    Buffer overflow in IrfanView before 4.37, when a multibyte-character directory name is used, allows user-assisted remote attackers to execute arbitrary code via a crafted file that is incorrectly handled by the Thumbnail tooltips feature in the Thumbnails window.

  • CVE-2012-5904Nov 17, 2012
    risk 0.00cvss epss 0.06

    Heap-based buffer overflow in IrfanView before 4.33 allows remote attackers to execute arbitrary code via a crafted RLE compressed bitmap file such as a DIB, RLE, or BMP image.

  • CVE-2010-1510May 14, 2010
    risk 0.00cvss epss 0.04

    Heap-based buffer overflow in IrfanView before 4.27 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PSD image with RLE compression.

  • CVE-2010-1509May 14, 2010
    risk 0.00cvss epss 0.04

    IrfanView before 4.27 does not properly handle an unspecified integer variable during processing of PSD images, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image file that triggers a heap-based…

  • CVE-2009-2118Jun 18, 2009
    risk 0.00cvss epss 0.03

    Integer overflow in IrfanView 4.23, when the resampling or screen fitting option is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF 1 BPP image, which triggers a heap-based buffer overflow.

  • CVE-2007-4343Oct 16, 2007
    risk 0.00cvss epss 0.03

    Stack-based buffer overflow in IrfanView 3.99 and 4.00 allows user-assisted remote attackers to execute arbitrary code via a crafted palette (.pal) file.

  • CVE-2007-1245Mar 3, 2007
    risk 0.00cvss epss 0.01

    IrfanView 3.99 allows remote attackers to cause a denial of service (application crash) via a malformed WMF file.

  • CVE-2006-4231Aug 18, 2006
    risk 0.00cvss epss 0.01

    IrfanView 3.98 (with plugins) allows remote attackers to cause a denial of service (application crash) via a crafted CUR image file.

Page 19 of 19