Filtered by vendor Irfanview
Subscribe
Total
187 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-44913 | 1 Irfanview | 1 Irfanview | 2024-08-30 | N/A | 5.5 MEDIUM |
| An issue in the component EXR!ReadEXR+0x40ef1 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2024-44914 | 1 Irfanview | 1 Irfanview | 2024-08-30 | N/A | 5.5 MEDIUM |
| An issue in the component EXR!ReadEXR+0x3df50 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2024-44915 | 1 Irfanview | 1 Irfanview | 2024-08-30 | N/A | 5.5 MEDIUM |
| An issue in the component EXR!ReadEXR+0x4eef0 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2024-6812 | 1 Irfanview | 2 Irfanview, Wsq | 2024-08-23 | N/A | 7.8 HIGH |
| IrfanView WSQ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of WSQ files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23273. | |||||
| CVE-2024-6811 | 1 Irfanview | 2 Irfanview, Wsq | 2024-08-23 | N/A | 7.8 HIGH |
| IrfanView WSQ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of WSQ files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24192. | |||||
| CVE-2021-46064 | 1 Irfanview | 1 Irfanview | 2024-02-14 | 6.8 MEDIUM | 7.8 HIGH |
| IrfanView 4.59 is vulnerable to buffer overflow via the function at address 0x413c70 (in 32bit version of the binary). The vulnerability triggers when the user opens malicious .tiff image. | |||||
| CVE-2020-23561 | 1 Irfanview | 1 Irfanview | 2024-02-04 | N/A | 5.5 MEDIUM |
| IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000005722. | |||||
| CVE-2020-23562 | 1 Irfanview | 1 Irfanview | 2024-02-04 | N/A | 5.5 MEDIUM |
| IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000000aefe. | |||||
| CVE-2020-23563 | 1 Irfanview | 1 Irfanview | 2024-02-04 | N/A | 5.5 MEDIUM |
| IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000002cba. | |||||
| CVE-2020-23549 | 1 Irfanview | 1 Irfanview | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted .cr2 file, related to a "Data from Faulting Address controls Branch Selection starting at FORMATS!GetPlugInInfo+0x00000000000047f6". | |||||
| CVE-2020-23565 | 1 Irfanview | 1 Irfanview | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| Irfanview v4.53 allows attackers to execute arbitrary code via a crafted JPEG 2000 file. Related to a "Data from Faulting Address controls Branch Selection starting at JPEG2000!ShowPlugInSaveOptions_W+0x0000000000032850". | |||||
| CVE-2021-29362 | 1 Irfanview | 1 Irfanview | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| A buffer overflow vulnerability in FORMATS!ReadRAS_W+0xa30 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file. | |||||
| CVE-2021-29361 | 1 Irfanview | 1 Irfanview | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| A buffer overflow vulnerability in FORMATS!Read_Utah_RLE+0x340 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file. | |||||
| CVE-2020-23545 | 1 Irfanview | 1 Irfanview | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ReadXPM_W+0x0000000000000531. | |||||
| CVE-2021-29360 | 1 Irfanview | 1 Irfanview | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| A buffer overflow vulnerability in FORMATS!Read_Utah_RLE+0x37a of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file. | |||||
| CVE-2021-29364 | 1 Irfanview | 1 Irfanview | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| A buffer overflow vulnerability in Formats!ReadRAS_W+0x1001 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file. | |||||
| CVE-2020-23566 | 1 Irfanview | 1 Irfanview | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| Irfanview v4.53 was discovered to contain an infinity loop via JPEG2000!ShowPlugInSaveOptions_W+0x1ecd8. | |||||
| CVE-2021-29365 | 1 Irfanview | 1 Irfanview | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| Irfanview 4.57 is affected by an infinite loop when processing a crafted BMP file in the EFFECTS!AutoCrop_W component. This can cause a denial of service (DOS). | |||||
| CVE-2021-29367 | 1 Irfanview | 1 Irfanview | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| A buffer overflow vulnerability in WPG+0x1dda of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted WPG file. | |||||
| CVE-2020-23546 | 1 Irfanview | 1 Irfanview | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted XBM file, related to a "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FORMATS!ReadMosaic+0x0000000000000981. | |||||