Irfanview

irfanview

Vendor: Irfanview • 271 CVEs

CVEs (271)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2010-1509 1Irfanview 1Irfanview Apr 29, 2026 May 14, 2010 N/A· v4 N/A· v3 5.0 MEDIUM· v2 IrfanView before 4.27 does not properly handle an unspecified integer variable during processing of PSD images, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary...Show more IrfanView before 4.27 does not properly handle an unspecified integer variable during processing of PSD images, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow, related to a "sign-extension error."Show less
CVE-2009-2118 1Irfanview 1Irfanview Apr 23, 2026 Jun 18, 2009 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Integer overflow in IrfanView 4.23, when the resampling or screen fitting option is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF 1 BPP image, which triggers a heap-based buffer overflow.
CVE-2008-0493 1Irfanview 1Irfanview Apr 23, 2026 Jan 30, 2008 N/A· v4 N/A· v3 9.3 HIGH· v2 fpx.dll 3.9.8.0 in the FlashPix plugin for IrfanView 4.10 allows remote attackers to execute arbitrary code via a crafted FlashPix (.FPX) file, which triggers heap corruption. NOTE: some of these details are obtained fr...Show more fpx.dll 3.9.8.0 in the FlashPix plugin for IrfanView 4.10 allows remote attackers to execute arbitrary code via a crafted FlashPix (.FPX) file, which triggers heap corruption. NOTE: some of these details are obtained from third party information.Show less
CVE-2007-4343 1Irfanview 1Irfanview Apr 23, 2026 Oct 16, 2007 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Stack-based buffer overflow in IrfanView 3.99 and 4.00 allows user-assisted remote attackers to execute arbitrary code via a crafted palette (.pal) file.
CVE-2007-2363 1Irfanview 1Irfanview Apr 23, 2026 Apr 30, 2007 N/A· v4 N/A· v3 8.5 HIGH· v2 Buffer overflow in IrfanView 4.00 and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted .IFF file.
CVE-2007-1948 1Irfanview 1Irfanview Apr 23, 2026 Apr 11, 2007 N/A· v4 N/A· v3 9.3 HIGH· v2 Buffer overflow in IrfanView 3.99 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via the (1) xoffset or (2) yoffset RLE command, or (3) large non-RLE encoded blocks in...Show more Buffer overflow in IrfanView 3.99 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via the (1) xoffset or (2) yoffset RLE command, or (3) large non-RLE encoded blocks in a crafted BMP image, as demonstrated by rle8of3.bmp and rle8of4.bmp.Show less
CVE-2007-1867 1Irfanview 1Irfanview Apr 23, 2026 Apr 4, 2007 N/A· v4 N/A· v3 10.0 HIGH· v2 Buffer overflow in IrfanView 3.99 allows remote attackers to execute arbitrary code via a crafted animated cursor (ANI) file.
CVE-2007-1245 1Irfanview 1Irfanview Apr 23, 2026 Mar 3, 2007 N/A· v4 N/A· v3 4.3 MEDIUM· v2 IrfanView 3.99 allows remote attackers to cause a denial of service (application crash) via a malformed WMF file.
CVE-2006-4374 1Irfanview 1Irfanview Apr 16, 2026 Aug 26, 2006 N/A· v4 N/A· v3 2.6 LOW· v2 IrfanView 3.98 (with plugins) allows user-assisted attackers to cause a denial of service (application crash) via a crafted ANI image file, possibly due to a buffer overflow.
CVE-2006-4231 1Irfanview 1Irfanview Apr 16, 2026 Aug 18, 2006 N/A· v4 N/A· v3 2.6 LOW· v2 IrfanView 3.98 (with plugins) allows remote attackers to cause a denial of service (application crash) via a crafted CUR image file.
CVE-1999-1112 1Irfanview 1Irfanview Apr 16, 2026 Nov 9, 1999 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in IrfanView32 3.07 and earlier allows attackers to execute arbitrary commands via a long string after the "8BPS" image type in a Photo Shop image header.

Previous 1...10 11 12 1314