VYPR

Vendor CVEs

IrfanView

All CVEs

385 total · sorted by risk
  • CVE-2020-13905Jun 10, 2020
    risk 0.00cvss epss 0.03

    IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000038ed4.

  • CVE-2013-3486Jan 27, 2020
    risk 0.00cvss epss 0.02

    IrfanView FlashPix Plugin 4.3.4 0 has an Integer Overflow Vulnerability

  • CVE-2013-3945Jan 2, 2020
    risk 0.00cvss epss 0.02

    The MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a nband tag.

  • CVE-2013-3946Jan 2, 2020
    risk 0.00cvss epss 0.02

    Heap-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a levels header.

  • CVE-2019-17258Oct 8, 2019
    risk 0.00cvss epss 0.02

    IrfanView 4.53 allows Data from a Faulting Address to control a subsequent Write Address starting at JPEG_LS+0x000000000000839c.

  • CVE-2019-17257Oct 8, 2019
    risk 0.00cvss epss 0.01

    IrfanView 4.53 allows a Exception Handler Chain to be Corrupted starting at EXR!ReadEXR+0x000000000002af80.

  • CVE-2019-17256Oct 8, 2019
    risk 0.00cvss epss 0.01

    IrfanView 4.53 allows a User Mode Write AV starting at DPX!ReadDPX_W+0x0000000000001203.

  • CVE-2019-17255Oct 8, 2019
    risk 0.00cvss epss 0.01

    IrfanView 4.53 allows a User Mode Write AV starting at EXR!ReadEXR+0x0000000000010836.

  • CVE-2019-17254Oct 8, 2019
    risk 0.00cvss epss 0.02

    IrfanView 4.53 allows Data from a Faulting Address to control a subsequent Write Address starting at FORMATS!Read_BadPNG+0x0000000000000101.

  • CVE-2019-17253Oct 8, 2019
    risk 0.00cvss epss 0.01

    IrfanView 4.53 allows a User Mode Write AV starting at JPEG_LS+0x000000000000a6b8.

  • CVE-2019-17252Oct 8, 2019
    risk 0.00cvss epss 0.03

    IrfanView 4.53 allows a User Mode Write AV starting at FORMATS!Read_BadPNG+0x0000000000000115.

  • CVE-2019-17251Oct 8, 2019
    risk 0.00cvss epss 0.01

    IrfanView 4.53 allows a User Mode Write AV starting at FORMATS!GetPlugInInfo+0x0000000000007d43.

  • CVE-2019-17250Oct 8, 2019
    risk 0.00cvss epss 0.02

    IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x00000000000042f5.

  • CVE-2019-17249Oct 8, 2019
    risk 0.00cvss epss 0.02

    IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000d57b.

  • CVE-2019-17248Oct 8, 2019
    risk 0.00cvss epss 0.02

    IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x00000000000025b6.

  • CVE-2019-17247Oct 8, 2019
    risk 0.00cvss epss 0.02

    IrfanView 4.53 allows Data from a Faulting Address to control a subsequent Write Address starting at JPEG_LS+0x0000000000007da8.

  • CVE-2019-17246Oct 8, 2019
    risk 0.00cvss epss 0.02

    IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000258c.

  • CVE-2019-17245Oct 8, 2019
    risk 0.00cvss epss 0.01

    IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x0000000000004359.

  • CVE-2019-17244Oct 8, 2019
    risk 0.00cvss epss 0.02

    IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at JPEG_LS+0x0000000000001d8a.

  • CVE-2019-17243Oct 8, 2019
    risk 0.00cvss epss 0.02

    IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at JPEG_LS+0x0000000000003155.

  • CVE-2019-17242Oct 8, 2019
    risk 0.00cvss epss 0.01

    IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000966f.

  • CVE-2019-17241Oct 8, 2019
    risk 0.00cvss epss 0.01

    IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000d563.

  • CVE-2019-16887Sep 25, 2019
    risk 0.00cvss epss 0.02

    In IrfanView 4.53, Data from a Faulting Address controls a subsequent Write Address starting at image00400000+0x000000000001dcfc.

  • CVE-2019-13243Jul 4, 2019
    risk 0.00cvss epss 0.02

    IrfanView 4.52 has a User Mode Write AV starting at image00400000+0x00000000000249c6.

  • CVE-2019-13242Jul 4, 2019
    risk 0.00cvss epss 0.02

    IrfanView 4.52 has a User Mode Write AV starting at image00400000+0x0000000000013a98.

  • CVE-2013-5351Feb 14, 2014
    risk 0.00cvss epss 0.05

    Heap-based buffer overflow in IrfanView before 4.37 allows remote attackers to execute arbitrary code via the LZW code stream in a GIF file.

  • CVE-2013-6932Dec 28, 2013
    risk 0.00cvss epss 0.06

    Buffer overflow in IrfanView before 4.37, when a multibyte-character directory name is used, allows user-assisted remote attackers to execute arbitrary code via a crafted file that is incorrectly handled by the Thumbnail tooltips feature in the Thumbnails window.

  • CVE-2012-5904Nov 17, 2012
    risk 0.00cvss epss 0.06

    Heap-based buffer overflow in IrfanView before 4.33 allows remote attackers to execute arbitrary code via a crafted RLE compressed bitmap file such as a DIB, RLE, or BMP image.

  • CVE-2010-1510May 14, 2010
    risk 0.00cvss epss 0.04

    Heap-based buffer overflow in IrfanView before 4.27 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PSD image with RLE compression.

  • CVE-2010-1509May 14, 2010
    risk 0.00cvss epss 0.04

    IrfanView before 4.27 does not properly handle an unspecified integer variable during processing of PSD images, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image file that triggers a heap-based…

  • CVE-2009-2118Jun 18, 2009
    risk 0.00cvss epss 0.03

    Integer overflow in IrfanView 4.23, when the resampling or screen fitting option is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF 1 BPP image, which triggers a heap-based buffer overflow.

  • CVE-2009-0197Apr 9, 2009
    risk 0.00cvss epss 0.05

    Integer overflow in the FORMATS Plugin before 4.23 for IrfanView allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large XPM file that triggers a heap-based buffer overflow.

  • CVE-2007-4343Oct 16, 2007
    risk 0.00cvss epss 0.03

    Stack-based buffer overflow in IrfanView 3.99 and 4.00 allows user-assisted remote attackers to execute arbitrary code via a crafted palette (.pal) file.

  • CVE-2007-1245Mar 3, 2007
    risk 0.00cvss epss 0.01

    IrfanView 3.99 allows remote attackers to cause a denial of service (application crash) via a malformed WMF file.

  • CVE-2006-4231Aug 18, 2006
    risk 0.00cvss epss 0.01

    IrfanView 3.98 (with plugins) allows remote attackers to cause a denial of service (application crash) via a crafted CUR image file.

Page 8 of 8