Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Irfanview Subscribe
Filtered by product Irfanview
Total 190 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-15745 1 Irfanview 2 Cadimage, Irfanview 2017-10-24 6.8 MEDIUM 7.8 HIGH
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at CADIMAGE+0x000000000002ca2e."
CVE-2017-15744 1 Irfanview 2 Cadimage, Irfanview 2017-10-24 6.8 MEDIUM 7.8 HIGH
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Read Access Violation on Control Flow starting at CADIMAGE+0x00000000003d35a7."
CVE-2017-15741 1 Irfanview 2 Cadimage, Irfanview 2017-10-24 6.8 MEDIUM 7.8 HIGH
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Possible Stack Corruption starting at CADIMAGE+0x00000000003d2378."
CVE-2017-15742 1 Irfanview 2 Cadimage, Irfanview 2017-10-24 6.8 MEDIUM 7.8 HIGH
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADIMAGE+0x00000000003d2328."
CVE-2017-15743 1 Irfanview 2 Cadimage, Irfanview 2017-10-24 6.8 MEDIUM 7.8 HIGH
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address may be used as a return value starting at CADIMAGE+0x00000000003d24a0."
CVE-2017-15738 1 Irfanview 2 Cadimage, Irfanview 2017-10-24 6.8 MEDIUM 7.8 HIGH
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADIMAGE+0x00000000003d22d8."
CVE-2017-15740 1 Irfanview 2 Cadimage, Irfanview 2017-10-24 6.8 MEDIUM 7.8 HIGH
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls Code Flow starting at CADIMAGE+0x000000000033228e."
CVE-2017-15739 1 Irfanview 2 Cadimage, Irfanview 2017-10-24 6.8 MEDIUM 7.8 HIGH
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at CADIMAGE+0x00000000000042d5."
CVE-2017-15737 1 Irfanview 2 Cadimage, Irfanview 2017-10-24 6.8 MEDIUM 7.8 HIGH
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADIMAGE+0x00000000003d246f."
CVE-2017-15768 1 Irfanview 1 Irfanview 2017-10-24 6.8 MEDIUM 7.8 HIGH
IrfanView version 4.50 - 64bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file, related to "Data from Faulting Address controls Branch Selection starting at image000007f7_42060000+0x0000000000094113."
CVE-2017-15769 1 Irfanview 1 Irfanview 2017-10-24 6.8 MEDIUM 7.8 HIGH
IrfanView 4.50 - 64bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dds file, related to "Read Access Violation starting at FORMATS!ReadBLP_W+0x0000000000001b22."
CVE-2007-1867 1 Irfanview 1 Irfanview 2017-10-18 10.0 HIGH N/A
Buffer overflow in IrfanView 3.99 allows remote attackers to execute arbitrary code via a crafted animated cursor (ANI) file.
CVE-2007-2363 1 Irfanview 1 Irfanview 2017-10-10 8.5 HIGH N/A
Buffer overflow in IrfanView 4.00 and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted .IFF file.
CVE-2008-0493 1 Irfanview 1 Irfanview 2017-09-28 9.3 HIGH N/A
fpx.dll 3.9.8.0 in the FlashPix plugin for IrfanView 4.10 allows remote attackers to execute arbitrary code via a crafted FlashPix (.FPX) file, which triggers heap corruption. NOTE: some of these details are obtained from third party information.
CVE-2013-5351 1 Irfanview 1 Irfanview 2017-08-28 7.5 HIGH N/A
Heap-based buffer overflow in IrfanView before 4.37 allows remote attackers to execute arbitrary code via the LZW code stream in a GIF file.
CVE-2012-5904 1 Irfanview 1 Irfanview 2017-08-28 6.8 MEDIUM N/A
Heap-based buffer overflow in IrfanView before 4.33 allows remote attackers to execute arbitrary code via a crafted RLE compressed bitmap file such as a DIB, RLE, or BMP image.
CVE-2012-0897 1 Irfanview 1 Irfanview 2017-08-28 6.8 MEDIUM N/A
Stack-based buffer overflow in the JPEG2000 plugin in IrfanView PlugIns before 4.33 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment.
CVE-2011-5233 1 Irfanview 1 Irfanview 2017-08-28 4.3 MEDIUM N/A
Heap-based buffer overflow in IrfanView before 4.32 allows remote attackers to execute arbitrary code via crafted "Rows Per Strip" and "Samples Per Pixel" values in a TIFF image file.
CVE-2007-4343 1 Irfanview 1 Irfanview 2017-07-28 5.1 MEDIUM N/A
Stack-based buffer overflow in IrfanView 3.99 and 4.00 allows user-assisted remote attackers to execute arbitrary code via a crafted palette (.pal) file.
CVE-2017-8369 1 Irfanview 1 Irfanview 2017-07-13 6.8 MEDIUM 7.8 HIGH
IrfanView version 4.44 (32bit) has a "Data from Faulting Address controls Branch Selection starting at USER32!wvsprintfA+0x00000000000002f3" issue, which might allow attackers to execute arbitrary code via a crafted file.