Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Irfanview Subscribe
Total 193 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-4231 1 Irfanview 1 Irfanview 2018-10-17 2.6 LOW N/A
IrfanView 3.98 (with plugins) allows remote attackers to cause a denial of service (application crash) via a crafted CUR image file.
CVE-2007-1948 1 Irfanview 1 Irfanview 2018-10-16 9.3 HIGH N/A
Buffer overflow in IrfanView 3.99 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via the (1) xoffset or (2) yoffset RLE command, or (3) large non-RLE encoded blocks in a crafted BMP image, as demonstrated by rle8of3.bmp and rle8of4.bmp.
CVE-2007-1245 1 Irfanview 1 Irfanview 2018-10-16 4.3 MEDIUM N/A
IrfanView 3.99 allows remote attackers to cause a denial of service (application crash) via a malformed WMF file.
CVE-2009-0197 1 Irfanview 1 Formats 2018-10-11 9.3 HIGH N/A
Integer overflow in the FORMATS Plugin before 4.23 for IrfanView allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large XPM file that triggers a heap-based buffer overflow.
CVE-2010-1510 1 Irfanview 1 Irfanview 2018-10-10 5.0 MEDIUM N/A
Heap-based buffer overflow in IrfanView before 4.27 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PSD image with RLE compression.
CVE-2010-1509 1 Irfanview 1 Irfanview 2018-10-10 5.0 MEDIUM N/A
IrfanView before 4.27 does not properly handle an unspecified integer variable during processing of PSD images, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow, related to a "sign-extension error."
CVE-1999-1112 1 Irfanview 1 Irfanview 2017-12-18 7.5 HIGH N/A
Buffer overflow in IrfanView32 3.07 and earlier allows attackers to execute arbitrary commands via a long string after the "8BPS" image type in a Photo Shop image header.
CVE-2012-0025 1 Irfanview 1 Flashpix Plugin 2017-11-29 6.8 MEDIUM N/A
Double free vulnerability in the Free_All_Memory function in jpeg/dectile.c in libfpx before 1.3.1-1, as used in the FlashPix PlugIn 4.2.2.0 for IrfanView, allows remote attackers to cause a denial of service (crash) via a crafted FPX image.
CVE-2017-9530 1 Irfanview 2 Irfanview, Tools 2017-11-08 4.4 MEDIUM 7.8 HIGH
IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or execute arbitrary code via a crafted file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at ntdll_77df0000!LdrpResCompareResourceNames+0x0000000000000150."
CVE-2017-10925 1 Irfanview 2 Fpx, Irfanview 2017-11-03 6.8 MEDIUM 7.8 HIGH
IrfanView 4.44 (32bit) with FPX Plugin 4.47 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000b3ae."
CVE-2017-10924 1 Irfanview 2 Fpx, Irfanview 2017-11-03 6.8 MEDIUM 7.8 HIGH
IrfanView 4.44 (32bit) with FPX Plugin 4.47 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000a529."
CVE-2017-14693 1 Irfanview 1 Irfanview 2017-11-03 4.6 MEDIUM 7.8 HIGH
IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address controls Branch Selection starting at DJVU!GetPlugInInfo+0x000000000001c613."
CVE-2017-14578 1 Irfanview 1 Irfanview 2017-11-03 4.6 MEDIUM 7.8 HIGH
IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .ani file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77130000!RtlpCoalesceFreeBlocks+0x00000000000004b4."
CVE-2017-14540 1 Irfanview 1 Irfanview 2017-11-03 4.6 MEDIUM 7.8 HIGH
IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selection starting at CADIMAGE+0x000000000001f23e."
CVE-2017-14539 1 Irfanview 1 Irfanview 2017-11-03 4.6 MEDIUM 7.8 HIGH
IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selection starting at image00000000_00400000+0x000000000011d767."
CVE-2017-10926 1 Irfanview 2 Fpx, Irfanview 2017-11-03 6.8 MEDIUM 7.8 HIGH
IrfanView 4.44 (32bit) with FPX Plugin 4.47 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to a "Read Access Violation starting at wow64!Wow64NotifyDebugger+0x000000000000001d."
CVE-2017-15242 1 Irfanview 2 Irfanview, Pdf 2017-10-27 6.8 MEDIUM 7.8 HIGH
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to a "User Mode Write AV starting at PDF!xmlGetGlobalState+0x0000000000031abe."
CVE-2017-15240 1 Irfanview 2 Irfanview, Pdf 2017-10-24 6.8 MEDIUM 7.8 HIGH
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Read Access Violation starting at PDF!xmlParserInputRead+0x0000000000132cef."
CVE-2017-15251 1 Irfanview 2 Irfanview, Pdf 2017-10-24 6.8 MEDIUM 7.8 HIGH
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow starting at PDF!xmlParserInputRead+0x00000000000e7326."
CVE-2017-15250 1 Irfanview 2 Irfanview, Pdf 2017-10-24 6.8 MEDIUM 7.8 HIGH
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Read Access Violation starting at PDF!xmlParserInputRead+0x0000000000132e19."