Vulnerabilities > Irfanview

DATE CVE VULNERABILITY TITLE RISK
2017-04-30 CVE-2017-7721 Improper Input Validation vulnerability in Irfanview FPX and Irfanview
IrfanView version 4.44 (32bit) with FPX Plugin before 4.45 has an Access Violation and crash in processing a FlashPix (.FPX) file.
network
irfanview CWE-20
6.8
2014-02-14 CVE-2013-5351 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview
Heap-based buffer overflow in IrfanView before 4.37 allows remote attackers to execute arbitrary code via the LZW code stream in a GIF file.
network
low complexity
irfanview CWE-119
7.5
2013-12-28 CVE-2013-6932 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview
Buffer overflow in IrfanView before 4.37, when a multibyte-character directory name is used, allows user-assisted remote attackers to execute arbitrary code via a crafted file that is incorrectly handled by the Thumbnail tooltips feature in the Thumbnails window.
network
high complexity
irfanview CWE-119
7.6
2012-11-17 CVE-2012-5904 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview
Heap-based buffer overflow in IrfanView before 4.33 allows remote attackers to execute arbitrary code via a crafted RLE compressed bitmap file such as a DIB, RLE, or BMP image.
network
irfanview CWE-119
6.8
2012-11-02 CVE-2012-0025 Resource Management Errors vulnerability in Irfanview Flashpix Plugin 4.2.2.0
Double free vulnerability in the Free_All_Memory function in jpeg/dectile.c in libfpx before 1.3.1-1, as used in the FlashPix PlugIn 4.2.2.0 for IrfanView, allows remote attackers to cause a denial of service (crash) via a crafted FPX image.
network
irfanview CWE-399
6.8
2012-10-25 CVE-2011-5233 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview
Heap-based buffer overflow in IrfanView before 4.32 allows remote attackers to execute arbitrary code via crafted "Rows Per Strip" and "Samples Per Pixel" values in a TIFF image file.
network
irfanview CWE-119
4.3
2012-07-05 CVE-2012-3585 Buffer Errors vulnerability in Irfanview Plugins 4.33
Heap-based buffer overflow in jpeg_ls.dll in the Jpeg_LS (aka JLS) plugin in the formats plugins in IrfanView PlugIns before 4.34 allows remote attackers to execute arbitrary code via a crafted JLS file.
network
irfanview CWE-119
critical
9.3
2012-04-18 CVE-2012-0278 Buffer Errors vulnerability in Irfanview Flashpix Plugin 4.3.4.0/4.32/4.33
Heap-based buffer overflow in the FlashPix PlugIn before 4.3.4.0 for IrfanView might allow remote attackers to execute arbitrary code via a .fpx file containing a crafted FlashPix image that is not properly handled during decompression.
network
irfanview CWE-119
critical
9.3
2012-01-20 CVE-2012-0897 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview
Stack-based buffer overflow in the JPEG2000 plugin in IrfanView PlugIns before 4.33 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment.
network
irfanview CWE-119
6.8
2010-05-14 CVE-2010-1510 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview
Heap-based buffer overflow in IrfanView before 4.27 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PSD image with RLE compression.
network
low complexity
irfanview CWE-119
5.0