Vulnerabilities > Irfanview
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-04-30 | CVE-2017-7721 | Improper Input Validation vulnerability in Irfanview FPX and Irfanview IrfanView version 4.44 (32bit) with FPX Plugin before 4.45 has an Access Violation and crash in processing a FlashPix (.FPX) file. | 6.8 |
2014-02-14 | CVE-2013-5351 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Heap-based buffer overflow in IrfanView before 4.37 allows remote attackers to execute arbitrary code via the LZW code stream in a GIF file. | 7.5 |
2013-12-28 | CVE-2013-6932 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Buffer overflow in IrfanView before 4.37, when a multibyte-character directory name is used, allows user-assisted remote attackers to execute arbitrary code via a crafted file that is incorrectly handled by the Thumbnail tooltips feature in the Thumbnails window. | 7.6 |
2012-11-17 | CVE-2012-5904 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Heap-based buffer overflow in IrfanView before 4.33 allows remote attackers to execute arbitrary code via a crafted RLE compressed bitmap file such as a DIB, RLE, or BMP image. | 6.8 |
2012-11-02 | CVE-2012-0025 | Resource Management Errors vulnerability in Irfanview Flashpix Plugin 4.2.2.0 Double free vulnerability in the Free_All_Memory function in jpeg/dectile.c in libfpx before 1.3.1-1, as used in the FlashPix PlugIn 4.2.2.0 for IrfanView, allows remote attackers to cause a denial of service (crash) via a crafted FPX image. | 6.8 |
2012-10-25 | CVE-2011-5233 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Heap-based buffer overflow in IrfanView before 4.32 allows remote attackers to execute arbitrary code via crafted "Rows Per Strip" and "Samples Per Pixel" values in a TIFF image file. | 4.3 |
2012-07-05 | CVE-2012-3585 | Buffer Errors vulnerability in Irfanview Plugins 4.33 Heap-based buffer overflow in jpeg_ls.dll in the Jpeg_LS (aka JLS) plugin in the formats plugins in IrfanView PlugIns before 4.34 allows remote attackers to execute arbitrary code via a crafted JLS file. | 9.3 |
2012-04-18 | CVE-2012-0278 | Buffer Errors vulnerability in Irfanview Flashpix Plugin 4.3.4.0/4.32/4.33 Heap-based buffer overflow in the FlashPix PlugIn before 4.3.4.0 for IrfanView might allow remote attackers to execute arbitrary code via a .fpx file containing a crafted FlashPix image that is not properly handled during decompression. | 9.3 |
2012-01-20 | CVE-2012-0897 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Stack-based buffer overflow in the JPEG2000 plugin in IrfanView PlugIns before 4.33 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment. | 6.8 |
2010-05-14 | CVE-2010-1510 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Heap-based buffer overflow in IrfanView before 4.27 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PSD image with RLE compression. | 5.0 |