Irfanview
by IrfanView
CVEs (373)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-17241 | 0.00 | — | 0.01 | Oct 8, 2019 | IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000d563. | |||
| CVE-2019-16887 | 0.00 | — | 0.02 | Sep 25, 2019 | In IrfanView 4.53, Data from a Faulting Address controls a subsequent Write Address starting at image00400000+0x000000000001dcfc. | |||
| CVE-2019-13243 | 0.00 | — | 0.02 | Jul 4, 2019 | IrfanView 4.52 has a User Mode Write AV starting at image00400000+0x00000000000249c6. | |||
| CVE-2019-13242 | 0.00 | — | 0.02 | Jul 4, 2019 | IrfanView 4.52 has a User Mode Write AV starting at image00400000+0x0000000000013a98. | |||
| CVE-2013-5351 | 0.00 | — | 0.05 | Feb 14, 2014 | Heap-based buffer overflow in IrfanView before 4.37 allows remote attackers to execute arbitrary code via the LZW code stream in a GIF file. | |||
| CVE-2013-6932 | 0.00 | — | 0.06 | Dec 28, 2013 | Buffer overflow in IrfanView before 4.37, when a multibyte-character directory name is used, allows user-assisted remote attackers to execute arbitrary code via a crafted file that is incorrectly handled by the Thumbnail tooltips feature in the Thumbnails window. | |||
| CVE-2012-5904 | 0.00 | — | 0.06 | Nov 17, 2012 | Heap-based buffer overflow in IrfanView before 4.33 allows remote attackers to execute arbitrary code via a crafted RLE compressed bitmap file such as a DIB, RLE, or BMP image. | |||
| CVE-2010-1510 | 0.00 | — | 0.04 | May 14, 2010 | Heap-based buffer overflow in IrfanView before 4.27 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PSD image with RLE compression. | |||
| CVE-2010-1509 | 0.00 | — | 0.04 | May 14, 2010 | IrfanView before 4.27 does not properly handle an unspecified integer variable during processing of PSD images, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image file that triggers a heap-based… | |||
| CVE-2009-2118 | 0.00 | — | 0.03 | Jun 18, 2009 | Integer overflow in IrfanView 4.23, when the resampling or screen fitting option is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF 1 BPP image, which triggers a heap-based buffer overflow. | |||
| CVE-2007-4343 | 0.00 | — | 0.03 | Oct 16, 2007 | Stack-based buffer overflow in IrfanView 3.99 and 4.00 allows user-assisted remote attackers to execute arbitrary code via a crafted palette (.pal) file. | |||
| CVE-2007-1245 | 0.00 | — | 0.01 | Mar 3, 2007 | IrfanView 3.99 allows remote attackers to cause a denial of service (application crash) via a malformed WMF file. | |||
| CVE-2006-4231 | 0.00 | — | 0.01 | Aug 18, 2006 | IrfanView 3.98 (with plugins) allows remote attackers to cause a denial of service (application crash) via a crafted CUR image file. |
- CVE-2019-17241Oct 8, 2019risk 0.00cvss —epss 0.01
IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000d563.
- CVE-2019-16887Sep 25, 2019risk 0.00cvss —epss 0.02
In IrfanView 4.53, Data from a Faulting Address controls a subsequent Write Address starting at image00400000+0x000000000001dcfc.
- CVE-2019-13243Jul 4, 2019risk 0.00cvss —epss 0.02
IrfanView 4.52 has a User Mode Write AV starting at image00400000+0x00000000000249c6.
- CVE-2019-13242Jul 4, 2019risk 0.00cvss —epss 0.02
IrfanView 4.52 has a User Mode Write AV starting at image00400000+0x0000000000013a98.
- CVE-2013-5351Feb 14, 2014risk 0.00cvss —epss 0.05
Heap-based buffer overflow in IrfanView before 4.37 allows remote attackers to execute arbitrary code via the LZW code stream in a GIF file.
- CVE-2013-6932Dec 28, 2013risk 0.00cvss —epss 0.06
Buffer overflow in IrfanView before 4.37, when a multibyte-character directory name is used, allows user-assisted remote attackers to execute arbitrary code via a crafted file that is incorrectly handled by the Thumbnail tooltips feature in the Thumbnails window.
- CVE-2012-5904Nov 17, 2012risk 0.00cvss —epss 0.06
Heap-based buffer overflow in IrfanView before 4.33 allows remote attackers to execute arbitrary code via a crafted RLE compressed bitmap file such as a DIB, RLE, or BMP image.
- CVE-2010-1510May 14, 2010risk 0.00cvss —epss 0.04
Heap-based buffer overflow in IrfanView before 4.27 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PSD image with RLE compression.
- CVE-2010-1509May 14, 2010risk 0.00cvss —epss 0.04
IrfanView before 4.27 does not properly handle an unspecified integer variable during processing of PSD images, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image file that triggers a heap-based…
- CVE-2009-2118Jun 18, 2009risk 0.00cvss —epss 0.03
Integer overflow in IrfanView 4.23, when the resampling or screen fitting option is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF 1 BPP image, which triggers a heap-based buffer overflow.
- CVE-2007-4343Oct 16, 2007risk 0.00cvss —epss 0.03
Stack-based buffer overflow in IrfanView 3.99 and 4.00 allows user-assisted remote attackers to execute arbitrary code via a crafted palette (.pal) file.
- CVE-2007-1245Mar 3, 2007risk 0.00cvss —epss 0.01
IrfanView 3.99 allows remote attackers to cause a denial of service (application crash) via a malformed WMF file.
- CVE-2006-4231Aug 18, 2006risk 0.00cvss —epss 0.01
IrfanView 3.98 (with plugins) allows remote attackers to cause a denial of service (application crash) via a crafted CUR image file.
Page 19 of 19