Vulnerabilities > Extensis > Mrsid > High

DATE CVE VULNERABILITY TITLE RISK
2020-01-02 CVE-2013-3946 Out-of-bounds Write vulnerability in Extensis Mrsid
Heap-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a levels header.
local
low complexity
extensis CWE-787
7.8
7.8
2020-01-02 CVE-2013-3945 Improper Input Validation vulnerability in Extensis Mrsid
The MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a nband tag.
local
low complexity
extensis CWE-20
7.8
7.8
2020-01-02 CVE-2013-3944 Out-of-bounds Write vulnerability in Extensis Mrsid
Stack-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via an IMAGE tag.
local
low complexity
extensis CWE-787
7.8
7.8