CVE-2010-1509

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2010-1509
IrfanView before 4.27 does not properly handle an unspecified integer variable during processing of PSD images, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow, related to a "sign-extension error."

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
http://irfanview.com/main_history.htm
http://osvdb.org/64627
http://secunia.com/advisories/39036 Vendor Advisory
http://secunia.com/secunia_research/2010-41 Vendor Advisory
http://www.securityfocus.com/archive/1/511274/100/0/threaded
http://www.securityfocus.com/bid/40104
https://exchange.xforce.ibmcloud.com/vulnerabilities/58548
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6705
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:irfanview:irfanview:*:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:1.70:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:1.75:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:1.80:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:1.85:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:1.90:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:1.95:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:1.97:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:1.98:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:1.98a:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:1.99:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.00:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.05:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.07:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.10:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.12:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.15:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.17:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.18:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.20:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.22:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.25:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.27:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.30:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.32:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.35:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.37:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.40:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.50:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.52:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.55:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.60:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.62:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.63:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.65:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.66:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.68:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.80:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.82:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.83:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.85:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.90:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.92:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.95:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.97:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:2.98:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.00:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.02:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.05:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.07:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.10:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.12:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.15:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.17:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.20:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.21:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.25:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.30:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.33:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.35:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.36:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.50:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.51:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.60:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.61:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.70:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.75:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.80:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.85:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.90:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.91:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.92:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.95:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.97:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.98:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:3.99:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:4.00:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:4.10:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:4.20:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:4.22:*:*:*:*:*:*:*
cpe:2.3:a:irfanview:irfanview:4.23:*:*:*:*:*:*:*
History

No history.

Information

Published : 2010-05-14 19:30

Updated : 2024-02-04 17:54

NVD link : CVE-2010-1509

Mitre link : CVE-2010-1509

CVE.ORG link : CVE-2010-1509

JSON object : View

Products Affected

irfanview

  • irfanview
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer