Vulnerabilities > Improper Restriction of Operations within the Bounds of a Memory Buffer

DATE CVE VULNERABILITY TITLE RISK
2017-10-22 CVE-2017-15744 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Irfanview Cadimage and Irfanview
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Read Access Violation on Control Flow starting at CADIMAGE+0x00000000003d35a7."
local
low complexity
irfanview CWE-119
7.8
7.8
2017-10-22 CVE-2017-15743 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Irfanview Cadimage and Irfanview
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address may be used as a return value starting at CADIMAGE+0x00000000003d24a0."
local
low complexity
irfanview CWE-119
7.8
7.8
2017-10-22 CVE-2017-15742 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Irfanview Cadimage and Irfanview
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADIMAGE+0x00000000003d2328."
local
low complexity
irfanview CWE-119
7.8
7.8
2017-10-22 CVE-2017-15741 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Irfanview Cadimage and Irfanview
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Possible Stack Corruption starting at CADIMAGE+0x00000000003d2378."
local
low complexity
irfanview CWE-119
7.8
7.8
2017-10-22 CVE-2017-15740 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Irfanview Cadimage and Irfanview
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls Code Flow starting at CADIMAGE+0x000000000033228e."
local
low complexity
irfanview CWE-119
7.8
7.8
2017-10-22 CVE-2017-15739 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Irfanview Cadimage and Irfanview
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at CADIMAGE+0x00000000000042d5."
local
low complexity
irfanview CWE-119
7.8
7.8
2017-10-22 CVE-2017-15738 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Irfanview Cadimage and Irfanview
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADIMAGE+0x00000000003d22d8."
local
low complexity
irfanview CWE-119
7.8
7.8
2017-10-22 CVE-2017-15737 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Irfanview Cadimage and Irfanview
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADIMAGE+0x00000000003d246f."
local
low complexity
irfanview CWE-119
7.8
7.8
2017-10-22 CVE-2017-15803 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.43
XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at ntdll_77310000!LdrpResCompareResourceNames+0x0000000000000150."
local
low complexity
xnview CWE-119
7.8
7.8
2017-10-22 CVE-2017-15802 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.43
XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77310000!LdrpResCompareResourceNames+0x0000000000000087."
local
low complexity
xnview CWE-119
7.8
7.8