Vendor
IrfanView
IrfanView is an image viewer, editor, organizer and converter program for Microsoft Windows. It can also play video and audio files, and has some image creation and painting capabilities. IrfanView is free for non-commercial use; commercial use requires paid registration. It is noted for its small size, speed, ease of use, and ability to handle a wide variety of graphic file formats. It was first released in 1996.
Founded 1996
Products
9
CVEs
314
Across products
854
Status
Private
Products
9- 749 CVEs
- 32 CVEs
- 25 CVEs
- 16 CVEs
- 14 CVEs
- 10 CVEs
- 4 CVEs
- 3 CVEs
- 1 CVE
Recent CVEs
314| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-2813 | Hig | 0.57 | 8.8 | 0.00 | Jun 21, 2017 | An exploitable integer overflow vulnerability exists in the JPEG 2000 parser functionality of IrfanView 4.44. A specially crafted jpeg2000 image can cause an integer overflow leading to wrong memory allocation resulting in arbitrary code execution. Vulnerability can be triggered by viewing the image in via the application or by using thumbnailing feature of IrfanView. | |
| CVE-2017-15769 | Hig | 0.51 | 7.8 | 0.00 | Oct 22, 2017 | IrfanView 4.50 - 64bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dds file, related to "Read Access Violation starting at FORMATS!ReadBLP_W+0x0000000000001b22." | |
| CVE-2017-15766 | Hig | 0.51 | 7.8 | 0.00 | Oct 22, 2017 | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001f0a0." | |
| CVE-2017-15765 | Hig | 0.51 | 7.8 | 0.00 | Oct 22, 2017 | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at CADIMAGE+0x00000000003e9462." | |
| CVE-2017-15764 | Hig | 0.51 | 7.8 | 0.00 | Oct 22, 2017 | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001e6b0." | |
| CVE-2017-15763 | Hig | 0.51 | 7.8 | 0.00 | Oct 22, 2017 | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001eca0." | |
| CVE-2017-15762 | Hig | 0.51 | 7.8 | 0.00 | Oct 22, 2017 | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001f31b." | |
| CVE-2017-15761 | Hig | 0.51 | 7.8 | 0.00 | Oct 22, 2017 | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001ecaa." | |
| CVE-2017-15760 | Hig | 0.51 | 7.8 | 0.00 | Oct 22, 2017 | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001ce82." | |
| CVE-2017-15759 | Hig | 0.51 | 7.8 | 0.00 | Oct 22, 2017 | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001b3f3." | |
| CVE-2017-15758 | Hig | 0.51 | 7.8 | 0.00 | Oct 22, 2017 | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at BabaCAD4Image!ShowPlugInOptions+0x000000000004d75b." | |
| CVE-2017-15757 | Hig | 0.51 | 7.8 | 0.00 | Oct 22, 2017 | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at BabaCAD4Image!ShowPlugInOptions+0x00000000000029ba." | |
| CVE-2017-15756 | Hig | 0.51 | 7.8 | 0.00 | Oct 22, 2017 | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at BabaCAD4Image!ShowPlugInOptions+0x000000000004d7c4." | |
| CVE-2017-15755 | Hig | 0.51 | 7.8 | 0.00 | Oct 22, 2017 | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at verifier!AVrfpDphFindBusyMemoryNoCheck+0x0000000000000091." | |
| CVE-2017-15754 | Hig | 0.51 | 7.8 | 0.00 | Oct 22, 2017 | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at BabaCAD4Image!ShowPlugInOptions+0x0000000000013968." | |
| CVE-2017-15753 | Hig | 0.51 | 7.8 | 0.00 | Oct 22, 2017 | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at BabaCAD4Image!ShowPlugInOptions+0x00000000000029c2." | |
| CVE-2017-15752 | Hig | 0.51 | 7.8 | 0.00 | Oct 22, 2017 | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at BabaCAD4Image!ShowPlugInOptions+0x000000000004d6b0." | |
| CVE-2017-15751 | Hig | 0.51 | 7.8 | 0.00 | Oct 22, 2017 | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at BabaCAD4Image!ShowPlugInOptions+0x0000000000009f39." | |
| CVE-2017-15750 | Hig | 0.51 | 7.8 | 0.00 | Oct 22, 2017 | IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at BabaCAD4Image!ShowPlugInOptions+0x0000000000009ae0." | |
| CVE-2017-15749 | Hig | 0.51 | 7.8 | 0.00 | Oct 22, 2017 | IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at CADIMAGE+0x00000000000348b9." |