Vulnerabilities > Irfanview > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-21 | CVE-2024-6811 | Out-of-bounds Write vulnerability in Irfanview and WSQ IrfanView WSQ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. | 7.8 |
| 2024-08-21 | CVE-2024-6812 | Out-of-bounds Write vulnerability in Irfanview and WSQ IrfanView WSQ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. | 7.8 |
| 2022-03-23 | CVE-2021-46064 | Classic Buffer Overflow vulnerability in Irfanview 4.59 IrfanView 4.59 is vulnerable to buffer overflow via the function at address 0x413c70 (in 32bit version of the binary). | 7.8 |
| 2021-02-17 | CVE-2021-27362 | Out-of-bounds Read vulnerability in Irfanview WPG The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a Read Access Violation on Control Flow starting at WPG!ReadWPG_W+0x0000000000000133, which might allow remote attackers to execute arbitrary code. | 7.5 |
| 2014-02-14 | CVE-2013-5351 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Heap-based buffer overflow in IrfanView before 4.37 allows remote attackers to execute arbitrary code via the LZW code stream in a GIF file. | 7.5 |
| 2013-12-28 | CVE-2013-6932 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irfanview Buffer overflow in IrfanView before 4.37, when a multibyte-character directory name is used, allows user-assisted remote attackers to execute arbitrary code via a crafted file that is incorrectly handled by the Thumbnail tooltips feature in the Thumbnails window. | 7.6 |
| 2007-04-30 | CVE-2007-2363 | Remote Buffer Overflow vulnerability in IrfanView .IFF Format Handling Buffer overflow in IrfanView 4.00 and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted .IFF file. network irfanview | 8.5 |
| 1999-11-09 | CVE-1999-1112 | Buffer Overflow vulnerability in IrfanView32 Image File Buffer overflow in IrfanView32 3.07 and earlier allows attackers to execute arbitrary commands via a long string after the "8BPS" image type in a Photo Shop image header. | 7.5 |