Filtered by vendor Irfanview
Subscriptions
Filtered by product Irfanview
Subscriptions
Total
197 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-3585 | 1 Irfanview | 2 Irfanview, Irfanview Plugins | 2024-09-16 | N/A |
| Heap-based buffer overflow in jpeg_ls.dll in the Jpeg_LS (aka JLS) plugin in the formats plugins in IrfanView PlugIns before 4.34 allows remote attackers to execute arbitrary code via a crafted JLS file. | ||||
| CVE-2024-44913 | 1 Irfanview | 1 Irfanview | 2024-08-30 | 5.5 Medium |
| An issue in the component EXR!ReadEXR+0x40ef1 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS). | ||||
| CVE-2024-44914 | 1 Irfanview | 1 Irfanview | 2024-08-30 | 5.5 Medium |
| An issue in the component EXR!ReadEXR+0x3df50 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS). | ||||
| CVE-2024-44915 | 1 Irfanview | 1 Irfanview | 2024-08-30 | 5.5 Medium |
| An issue in the component EXR!ReadEXR+0x4eef0 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS). | ||||
| CVE-2024-6812 | 1 Irfanview | 2 Irfanview, Wsq | 2024-08-23 | 7.8 High |
| IrfanView WSQ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of WSQ files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23273. | ||||
| CVE-2024-6811 | 1 Irfanview | 2 Irfanview, Wsq | 2024-08-23 | 7.8 High |
| IrfanView WSQ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of WSQ files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24192. | ||||
| CVE-2006-4374 | 1 Irfanview | 1 Irfanview | 2024-08-07 | N/A |
| IrfanView 3.98 (with plugins) allows user-assisted attackers to cause a denial of service (application crash) via a crafted ANI image file, possibly due to a buffer overflow. | ||||
| CVE-2006-4231 | 1 Irfanview | 1 Irfanview | 2024-08-07 | N/A |
| IrfanView 3.98 (with plugins) allows remote attackers to cause a denial of service (application crash) via a crafted CUR image file. | ||||
| CVE-2007-4343 | 1 Irfanview | 1 Irfanview | 2024-08-07 | N/A |
| Stack-based buffer overflow in IrfanView 3.99 and 4.00 allows user-assisted remote attackers to execute arbitrary code via a crafted palette (.pal) file. | ||||
| CVE-2007-2363 | 1 Irfanview | 1 Irfanview | 2024-08-07 | N/A |
| Buffer overflow in IrfanView 4.00 and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted .IFF file. | ||||
| CVE-2007-1948 | 1 Irfanview | 1 Irfanview | 2024-08-07 | N/A |
| Buffer overflow in IrfanView 3.99 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via the (1) xoffset or (2) yoffset RLE command, or (3) large non-RLE encoded blocks in a crafted BMP image, as demonstrated by rle8of3.bmp and rle8of4.bmp. | ||||
| CVE-2007-1867 | 1 Irfanview | 1 Irfanview | 2024-08-07 | N/A |
| Buffer overflow in IrfanView 3.99 allows remote attackers to execute arbitrary code via a crafted animated cursor (ANI) file. | ||||
| CVE-2007-1245 | 1 Irfanview | 1 Irfanview | 2024-08-07 | N/A |
| IrfanView 3.99 allows remote attackers to cause a denial of service (application crash) via a malformed WMF file. | ||||
| CVE-2008-0493 | 1 Irfanview | 1 Irfanview | 2024-08-07 | N/A |
| fpx.dll 3.9.8.0 in the FlashPix plugin for IrfanView 4.10 allows remote attackers to execute arbitrary code via a crafted FlashPix (.FPX) file, which triggers heap corruption. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-2118 | 1 Irfanview | 1 Irfanview | 2024-08-07 | N/A |
| Integer overflow in IrfanView 4.23, when the resampling or screen fitting option is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF 1 BPP image, which triggers a heap-based buffer overflow. | ||||
| CVE-2010-1510 | 1 Irfanview | 1 Irfanview | 2024-08-07 | N/A |
| Heap-based buffer overflow in IrfanView before 4.27 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PSD image with RLE compression. | ||||
| CVE-2010-1509 | 1 Irfanview | 1 Irfanview | 2024-08-07 | N/A |
| IrfanView before 4.27 does not properly handle an unspecified integer variable during processing of PSD images, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow, related to a "sign-extension error." | ||||
| CVE-2011-5233 | 1 Irfanview | 1 Irfanview | 2024-08-07 | N/A |
| Heap-based buffer overflow in IrfanView before 4.32 allows remote attackers to execute arbitrary code via crafted "Rows Per Strip" and "Samples Per Pixel" values in a TIFF image file. | ||||
| CVE-2012-5904 | 1 Irfanview | 1 Irfanview | 2024-08-06 | N/A |
| Heap-based buffer overflow in IrfanView before 4.33 allows remote attackers to execute arbitrary code via a crafted RLE compressed bitmap file such as a DIB, RLE, or BMP image. | ||||
| CVE-2012-0897 | 1 Irfanview | 1 Irfanview | 2024-08-06 | N/A |
| Stack-based buffer overflow in the JPEG2000 plugin in IrfanView PlugIns before 4.33 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment. | ||||