Vulnerabilities > Irfanview > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-09-28 CVE-2021-29360 Out-of-bounds Write vulnerability in Irfanview 4.57
A buffer overflow vulnerability in FORMATS!Read_Utah_RLE+0x37a of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.
network
irfanview CWE-787
6.8
6.8
2021-09-28 CVE-2021-29361 Out-of-bounds Write vulnerability in Irfanview 4.57
A buffer overflow vulnerability in FORMATS!Read_Utah_RLE+0x340 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.
network
irfanview CWE-787
6.8
6.8
2021-09-28 CVE-2021-29362 Out-of-bounds Write vulnerability in Irfanview 4.57
A buffer overflow vulnerability in FORMATS!ReadRAS_W+0xa30 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.
network
irfanview CWE-787
6.8
6.8
2021-09-28 CVE-2021-29363 Out-of-bounds Write vulnerability in Irfanview 4.57
A buffer overflow vulnerability in FORMATS!ReadRAS_W+0xa74 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.0xa74
network
irfanview CWE-787
6.8
6.8
2021-09-28 CVE-2021-29364 Out-of-bounds Write vulnerability in Irfanview 4.57
A buffer overflow vulnerability in Formats!ReadRAS_W+0x1001 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.
network
irfanview CWE-787
6.8
6.8
2021-09-28 CVE-2021-29365 Infinite Loop vulnerability in Irfanview 4.57
Irfanview 4.57 is affected by an infinite loop when processing a crafted BMP file in the EFFECTS!AutoCrop_W component.
network
irfanview CWE-835
4.3
4.3
2021-09-28 CVE-2021-29366 Out-of-bounds Write vulnerability in Irfanview 4.57
A buffer overflow vulnerability in FORMATS!GetPlugInInfo+0x2de9 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.
network
irfanview CWE-787
6.8
6.8
2021-09-28 CVE-2021-29367 Out-of-bounds Write vulnerability in Irfanview 4.57
A buffer overflow vulnerability in WPG+0x1dda of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted WPG file.
network
irfanview CWE-787
6.8
6.8
2021-02-17 CVE-2021-27224 Out-of-bounds Write vulnerability in Irfanview WPG
The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a user-mode write access violation starting at WPG+0x0000000000012ec6, which might allow remote attackers to execute arbitrary code.
network
low complexity
irfanview CWE-787
5.0
5.0
2020-12-16 CVE-2020-35133 Unrestricted Upload of File with Dangerous Type vulnerability in Irfanview 4.56
irfanView 4.56 contains an error processing parsing files of type .pcx.
network
low complexity
irfanview CWE-434
5.0
5.0