Irfanview

irfanview

Vendor: Irfanview • 271 CVEs

CVEs (271)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-6817 1Irfanview 1Irfanview Dec 18, 2024 Nov 22, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 IrfanView PSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is require...Show more IrfanView PSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSP files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23216.Show less
CVE-2024-6816 1Irfanview 1Irfanview Dec 18, 2024 Nov 22, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 IrfanView PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is...Show more IrfanView PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23214.Show less
CVE-2024-6815 1Irfanview 1Irfanview Dec 18, 2024 Nov 22, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 IrfanView RLE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is require...Show more IrfanView RLE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of RLE files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23159.Show less
CVE-2024-6812 1Irfanview 2Irfanview Wsq Nov 25, 2024 Aug 21, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 IrfanView WSQ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is require...Show more IrfanView WSQ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of WSQ files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23273.Show less
CVE-2024-6811 1Irfanview 2Irfanview Wsq Nov 25, 2024 Aug 21, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 IrfanView WSQ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is require...Show more IrfanView WSQ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of WSQ files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24192.Show less
CVE-2023-26974 1Irfanview 1Irfanview Feb 13, 2025 Apr 4, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Irfanview v4.62 allows a user-mode write access violation via a crafted JPEG 2000 file starting at JPEG2000+0x0000000000001bf0.
CVE-2023-24304 1Irfanview 1Irfanview Feb 18, 2025 Mar 28, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Improper input validation in the PDF.dll plugin of IrfanView v4.60 allows attackers to execute arbitrary code via opening a crafted PDF file.
CVE-2020-23560 1Irfanview 1Irfanview Nov 21, 2024 Sep 16, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000001bcab.
CVE-2020-23559 1Irfanview 1Irfanview Nov 21, 2024 Sep 16, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000007d7f.
CVE-2020-23558 1Irfanview 1Irfanview Nov 21, 2024 Sep 16, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000007f4b.
CVE-2020-23557 1Irfanview 1Irfanview Nov 21, 2024 Sep 16, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000000755d.
CVE-2020-23556 1Irfanview 1Irfanview Nov 21, 2024 Sep 16, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e28.
CVE-2020-23555 1Irfanview 1Irfanview Nov 21, 2024 Sep 16, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e6e.
CVE-2020-23554 1Irfanview 1Irfanview Nov 21, 2024 Sep 16, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e20.
CVE-2020-23553 1Irfanview 1Irfanview Nov 21, 2024 Sep 16, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007d33.
CVE-2020-23552 1Irfanview 1Irfanview Nov 21, 2024 Sep 16, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e62.
CVE-2020-23551 1Irfanview 1Irfanview Nov 21, 2024 Sep 16, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e30.
CVE-2020-23550 1Irfanview 1Irfanview Nov 21, 2024 Sep 16, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e82.
CVE-2020-23563 1Irfanview 1Irfanview Nov 21, 2024 Jul 18, 2022 N/A· v4 5.5 MEDIUM· v3 N/A· v2 IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000002cba.
CVE-2020-23562 1Irfanview 1Irfanview Nov 21, 2024 Jul 18, 2022 N/A· v4 5.5 MEDIUM· v3 N/A· v2 IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000000aefe.

Previous 1...456...14 Next