Vulnerabilities > Irfanview > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-05 | CVE-2020-13880 | Out-of-bounds Write vulnerability in Irfanview B3D IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+1cbf heap-based out-of-bounds write. | 9.8 |
| 2024-01-05 | CVE-2020-13878 | Out-of-bounds Write vulnerability in Irfanview B3D IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+27ef heap-based out-of-bounds write. | 9.8 |
| 2024-01-05 | CVE-2020-13879 | Out-of-bounds Write vulnerability in Irfanview B3D IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+214f heap-based out-of-bounds write. | 9.8 |
| 2020-01-27 | CVE-2013-3486 | Integer Overflow or Wraparound vulnerability in Irfanview Flashpix Plugin 4.3.4.0 IrfanView FlashPix Plugin 4.3.4 0 has an Integer Overflow Vulnerability | 9.3 |
| 2012-07-05 | CVE-2012-3585 | Buffer Errors vulnerability in Irfanview Plugins 4.33 Heap-based buffer overflow in jpeg_ls.dll in the Jpeg_LS (aka JLS) plugin in the formats plugins in IrfanView PlugIns before 4.34 allows remote attackers to execute arbitrary code via a crafted JLS file. | 9.3 |
| 2012-04-18 | CVE-2012-0278 | Buffer Errors vulnerability in Irfanview Flashpix Plugin 4.3.4.0/4.32/4.33 Heap-based buffer overflow in the FlashPix PlugIn before 4.3.4.0 for IrfanView might allow remote attackers to execute arbitrary code via a .fpx file containing a crafted FlashPix image that is not properly handled during decompression. | 9.3 |
| 2009-04-09 | CVE-2009-0197 | Numeric Errors vulnerability in Irfanview Formats 4.00/4.10/4.20 Integer overflow in the FORMATS Plugin before 4.23 for IrfanView allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large XPM file that triggers a heap-based buffer overflow. | 9.3 |
| 2008-01-30 | CVE-2008-0493 | Buffer Errors vulnerability in Irfanview 4.10 fpx.dll 3.9.8.0 in the FlashPix plugin for IrfanView 4.10 allows remote attackers to execute arbitrary code via a crafted FlashPix (.FPX) file, which triggers heap corruption. | 9.3 |
| 2007-04-11 | CVE-2007-1948 | Denial-Of-Service vulnerability in Irfanview 3.99 Buffer overflow in IrfanView 3.99 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via the (1) xoffset or (2) yoffset RLE command, or (3) large non-RLE encoded blocks in a crafted BMP image, as demonstrated by rle8of3.bmp and rle8of4.bmp. | 9.3 |
| 2007-04-04 | CVE-2007-1867 | Remote Buffer Overflow vulnerability in Irfanview 3.99 Buffer overflow in IrfanView 3.99 allows remote attackers to execute arbitrary code via a crafted animated cursor (ANI) file. | 10.0 |