Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Irfanview Subscribe
Filtered by product Irfanview
Total 190 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-9923 1 Irfanview 2 Irfanview, Tools 2017-07-11 4.4 MEDIUM 7.8 HIGH
IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow attackers to cause a denial of service or execute arbitrary code via a crafted file, related to "Data from Faulting Address controls Branch Selection starting at KERNELBASE!EnumResourceTypesInternal+0x0000000000000589."
CVE-2017-9918 1 Irfanview 2 Irfanview, Tools 2017-07-11 4.4 MEDIUM 7.8 HIGH
IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow attackers to cause a denial of service or execute arbitrary code via a crafted file, related to "Data from Faulting Address controls Branch Selection starting at KERNELBASE!QueryOptionalDelayLoadedAPI+0x0000000000000c42."
CVE-2017-9919 1 Irfanview 2 Irfanview, Tools 2017-07-11 4.4 MEDIUM 7.8 HIGH
IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow attackers to cause a denial of service or execute arbitrary code via a crafted file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpResCompareResourceNames+0x0000000000000087."
CVE-2017-9916 1 Irfanview 2 Irfanview, Tools 2017-07-11 4.6 MEDIUM 7.8 HIGH
IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlFreeHandle+0x00000000000001b6."
CVE-2017-9917 1 Irfanview 2 Irfanview, Tools 2017-07-11 4.4 MEDIUM 7.8 HIGH
IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at ntdll_77df0000!RtlFreeHandle+0x0000000000000218."
CVE-2017-9915 1 Irfanview 2 Irfanview, Tools 2017-07-11 6.8 MEDIUM 7.8 HIGH
IrfanView version 4.44 (32bit) with TOOLS plugin 4.50 allows attackers to execute arbitrary code or cause a denial of service via a crafted file, related to a "Read Access Violation on Block Data Move starting at ntdll_77df0000!memcpy+0x0000000000000033."
CVE-2013-6932 1 Irfanview 1 Irfanview 2013-12-30 7.6 HIGH N/A
Buffer overflow in IrfanView before 4.37, when a multibyte-character directory name is used, allows user-assisted remote attackers to execute arbitrary code via a crafted file that is incorrectly handled by the Thumbnail tooltips feature in the Thumbnails window.
CVE-2012-0278 1 Irfanview 2 Flashpix Plugin, Irfanview 2013-02-14 9.3 HIGH N/A
Heap-based buffer overflow in the FlashPix PlugIn before 4.3.4.0 for IrfanView might allow remote attackers to execute arbitrary code via a .fpx file containing a crafted FlashPix image that is not properly handled during decompression.
CVE-2012-3585 1 Irfanview 2 Irfanview, Irfanview Plugins 2012-07-16 9.3 HIGH N/A
Heap-based buffer overflow in jpeg_ls.dll in the Jpeg_LS (aka JLS) plugin in the formats plugins in IrfanView PlugIns before 4.34 allows remote attackers to execute arbitrary code via a crafted JLS file.
CVE-2009-2118 1 Irfanview 1 Irfanview 2009-06-23 6.8 MEDIUM N/A
Integer overflow in IrfanView 4.23, when the resampling or screen fitting option is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF 1 BPP image, which triggers a heap-based buffer overflow.