Irfanview

irfanview

Vendor: Irfanview • 271 CVEs

CVEs (271)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-8370 1Irfanview 2Fpx Irfanview May 13, 2026 Jul 5, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 IrfanView version 4.44 (32bit) with FPX Plugin 4.45 allows remote attackers to execute arbitrary code or cause a denial of service (Heap Corruption and application crash) in processing a FlashPix (.FPX) file, a different...Show more IrfanView version 4.44 (32bit) with FPX Plugin 4.45 allows remote attackers to execute arbitrary code or cause a denial of service (Heap Corruption and application crash) in processing a FlashPix (.FPX) file, a different vulnerability than CVE-2017-7721.Show less
CVE-2017-8369 1Irfanview 1Irfanview May 13, 2026 Jul 5, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 IrfanView version 4.44 (32bit) has a "Data from Faulting Address controls Branch Selection starting at USER32!wvsprintfA+0x00000000000002f3" issue, which might allow attackers to execute arbitrary code via a crafted file...Show more IrfanView version 4.44 (32bit) has a "Data from Faulting Address controls Branch Selection starting at USER32!wvsprintfA+0x00000000000002f3" issue, which might allow attackers to execute arbitrary code via a crafted file.Show less
CVE-2017-10926 1Irfanview 2Fpx Irfanview May 13, 2026 Jul 5, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 IrfanView 4.44 (32bit) with FPX Plugin 4.47 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to a "Read Access Violation starting at wow64!Wow6...Show more IrfanView 4.44 (32bit) with FPX Plugin 4.47 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to a "Read Access Violation starting at wow64!Wow64NotifyDebugger+0x000000000000001d."Show less
CVE-2017-10925 1Irfanview 2Fpx Irfanview May 13, 2026 Jul 5, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 IrfanView 4.44 (32bit) with FPX Plugin 4.47 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address is used as one or m...Show more IrfanView 4.44 (32bit) with FPX Plugin 4.47 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000b3ae."Show less
CVE-2017-10924 1Irfanview 2Fpx Irfanview May 13, 2026 Jul 5, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 IrfanView 4.44 (32bit) with FPX Plugin 4.47 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!FPX_GetScanDevicePropertyGroup...Show more IrfanView 4.44 (32bit) with FPX Plugin 4.47 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000a529."Show less
CVE-2017-10735 1Irfanview 1Irfanview May 13, 2026 Jul 5, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starti...Show more IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpFreeHeap+0x00000000000003ca."Show less
CVE-2017-10734 1Irfanview 1Irfanview May 13, 2026 Jul 5, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to an "Invalid Handle starting at wow64!Wow64NotifyDebugger+0x0...Show more IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to an "Invalid Handle starting at wow64!Wow64NotifyDebugger+0x000000000000001d."Show less
CVE-2017-10733 1Irfanview 1Irfanview May 13, 2026 Jul 5, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starti...Show more IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpEnterCriticalSectionContended+0x0000000000000031."Show less
CVE-2017-10732 1Irfanview 1Irfanview May 13, 2026 Jul 5, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starti...Show more IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpAllocateHeap+0x0000000000000429."Show less
CVE-2017-10731 1Irfanview 1Irfanview May 13, 2026 Jul 5, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 IrfanView version 4.44 (32bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at FORMATS!GetPlugInInfo+0x0000000000007d80."
CVE-2017-10730 1Irfanview 1Irfanview May 13, 2026 Jul 5, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 IrfanView version 4.44 (32bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at FORMATS!GetPlugInInfo+0x0000000000007d96."
CVE-2017-10729 1Irfanview 1Irfanview May 13, 2026 Jul 5, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 IrfanView version 4.44 (32bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlpWaitOnCriticalSection+0x0000...Show more IrfanView version 4.44 (32bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlpWaitOnCriticalSection+0x0000000000000121."Show less
CVE-2017-2813 1Irfanview 1Irfanview May 13, 2026 Jun 21, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 An exploitable integer overflow vulnerability exists in the JPEG 2000 parser functionality of IrfanView 4.44. A specially crafted jpeg2000 image can cause an integer overflow leading to wrong memory allocation resulting...Show more An exploitable integer overflow vulnerability exists in the JPEG 2000 parser functionality of IrfanView 4.44. A specially crafted jpeg2000 image can cause an integer overflow leading to wrong memory allocation resulting in arbitrary code execution. Vulnerability can be triggered by viewing the image in via the application or by using thumbnailing feature of IrfanView.Show less
CVE-2017-7721 1Irfanview 2Fpx Irfanview May 13, 2026 Apr 30, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 IrfanView version 4.44 (32bit) with FPX Plugin before 4.45 has an Access Violation and crash in processing a FlashPix (.FPX) file.
CVE-2013-5351 1Irfanview 1Irfanview Apr 29, 2026 Feb 14, 2014 N/A· v4 N/A· v3 7.5 HIGH· v2 Heap-based buffer overflow in IrfanView before 4.37 allows remote attackers to execute arbitrary code via the LZW code stream in a GIF file.
CVE-2013-6932 1Irfanview 1Irfanview Apr 29, 2026 Dec 28, 2013 N/A· v4 N/A· v3 7.6 HIGH· v2 Buffer overflow in IrfanView before 4.37, when a multibyte-character directory name is used, allows user-assisted remote attackers to execute arbitrary code via a crafted file that is incorrectly handled by the Thumbnail...Show more Buffer overflow in IrfanView before 4.37, when a multibyte-character directory name is used, allows user-assisted remote attackers to execute arbitrary code via a crafted file that is incorrectly handled by the Thumbnail tooltips feature in the Thumbnails window.Show less
CVE-2012-5904 1Irfanview 1Irfanview Apr 29, 2026 Nov 17, 2012 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Heap-based buffer overflow in IrfanView before 4.33 allows remote attackers to execute arbitrary code via a crafted RLE compressed bitmap file such as a DIB, RLE, or BMP image.
CVE-2011-5233 1Irfanview 1Irfanview Apr 29, 2026 Oct 25, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Heap-based buffer overflow in IrfanView before 4.32 allows remote attackers to execute arbitrary code via crafted "Rows Per Strip" and "Samples Per Pixel" values in a TIFF image file.
CVE-2012-0897 1Irfanview 1Irfanview Apr 29, 2026 Jan 20, 2012 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Stack-based buffer overflow in the JPEG2000 plugin in IrfanView PlugIns before 4.33 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment.
CVE-2010-1510 1Irfanview 1Irfanview Apr 29, 2026 May 14, 2010 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Heap-based buffer overflow in IrfanView before 4.27 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PSD image with RLE compression.

Previous 1...10 11 121314 Next