VYPR

Irfanview

by IrfanView

CVEs (373)

  • CVE-2017-9528HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.03

    IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000000f53."

  • CVE-2017-8766HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.02

    IrfanView version 4.44 (32bit) allows remote attackers to execute code via a crafted .mov file, because of a "User Mode Write AV near NULL" issue.

  • CVE-2017-8370HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.03

    IrfanView version 4.44 (32bit) with FPX Plugin 4.45 allows remote attackers to execute arbitrary code or cause a denial of service (Heap Corruption and application crash) in processing a FlashPix (.FPX) file, a different vulnerability than CVE-2017-7721.

  • CVE-2017-8369HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.01

    IrfanView version 4.44 (32bit) has a "Data from Faulting Address controls Branch Selection starting at USER32!wvsprintfA+0x00000000000002f3" issue, which might allow attackers to execute arbitrary code via a crafted file.

  • CVE-2017-10926HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.02

    IrfanView 4.44 (32bit) with FPX Plugin 4.47 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to a "Read Access Violation starting at wow64!Wow64NotifyDebugger+0x000000000000001d."

  • CVE-2017-10925HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.02

    IrfanView 4.44 (32bit) with FPX Plugin 4.47 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at…

  • CVE-2017-10924HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.02

    IrfanView 4.44 (32bit) with FPX Plugin 4.47 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000a529."

  • CVE-2017-10735HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.02

    IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpFreeHeap+0x00000000000003ca."

  • CVE-2017-10734HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.02

    IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to an "Invalid Handle starting at wow64!Wow64NotifyDebugger+0x000000000000001d."

  • CVE-2017-10733HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.02

    IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpEnterCriticalSectionContended+0x000…

  • CVE-2017-10732HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.02

    IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpAllocateHeap+0x0000000000000429."

  • CVE-2017-10731HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.02

    IrfanView version 4.44 (32bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at FORMATS!GetPlugInInfo+0x0000000000007d80."

  • CVE-2017-10730HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.02

    IrfanView version 4.44 (32bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at FORMATS!GetPlugInInfo+0x0000000000007d96."

  • CVE-2017-10729HigJul 5, 2017
    risk 0.51cvss 7.8epss 0.02

    IrfanView version 4.44 (32bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlpWaitOnCriticalSection+0x0000000000000121."

  • CVE-2017-7721HigApr 30, 2017
    risk 0.51cvss 7.8epss 0.02

    IrfanView version 4.44 (32bit) with FPX Plugin before 4.45 has an Access Violation and crash in processing a FlashPix (.FPX) file.

  • CVE-2024-31007MedOct 21, 2024
    risk 0.36cvss 5.5epss 0.00

    Buffer Overflow vulnerability in IrfanView 32bit v.4.66 allows a local attacker to cause a denial of service via a crafted file. Affected component is IrfanView 32bit 4.66 with plugin formats.dll.

  • CVE-2012-0897Jan 20, 2012
    risk 0.07cvss epss 0.53

    Stack-based buffer overflow in the JPEG2000 plugin in IrfanView PlugIns before 4.33 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment.

  • CVE-2011-5233Oct 25, 2012
    risk 0.04cvss epss 0.09

    Heap-based buffer overflow in IrfanView before 4.32 allows remote attackers to execute arbitrary code via crafted "Rows Per Strip" and "Samples Per Pixel" values in a TIFF image file.

  • CVE-2012-3585Jul 5, 2012
    risk 0.04cvss epss 0.08

    Heap-based buffer overflow in jpeg_ls.dll in the Jpeg_LS (aka JLS) plugin in the formats plugins in IrfanView PlugIns before 4.34 allows remote attackers to execute arbitrary code via a crafted JLS file.

  • CVE-2008-0493Jan 30, 2008
    risk 0.04cvss epss 0.09

    fpx.dll 3.9.8.0 in the FlashPix plugin for IrfanView 4.10 allows remote attackers to execute arbitrary code via a crafted FlashPix (.FPX) file, which triggers heap corruption. NOTE: some of these details are obtained from third party information.

Page 6 of 19