Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2017
CVE-2017-15780
XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADImage+0x0000000000285dad."
CVSS Score
7.8
EPSS Score
0.002
Published
2017-10-22
CVE-2017-15781
XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Read Access Violation on Control Flow starting at CADImage+0x0000000000286a76."
CVSS Score
7.8
EPSS Score
0.004
Published
2017-10-22
CVE-2017-15227
Irssi before 1.0.5, while waiting for the channel synchronisation, may incorrectly fail to remove destroyed channels from the query list, resulting in use-after-free conditions when updating the state later on.
CVSS Score
7.5
EPSS Score
0.006
Published
2017-10-22
CVE-2017-15228
Irssi before 1.0.5, when installing themes with unterminated colour formatting sequences, may access data beyond the end of the string.
CVSS Score
7.5
EPSS Score
0.006
Published
2017-10-22
CVE-2017-15721
In Irssi before 1.0.5, certain incorrectly formatted DCC CTCP messages could cause a NULL pointer dereference. This is a separate, but similar, issue relative to CVE-2017-9468.
CVSS Score
7.5
EPSS Score
0.011
Published
2017-10-22
CVE-2017-15722
In certain cases, Irssi before 1.0.5 may fail to verify that a Safe channel ID is long enough, causing reads beyond the end of the string.
CVSS Score
5.9
EPSS Score
0.011
Published
2017-10-22
CVE-2017-15723
In Irssi before 1.0.5, overlong nicks or targets may result in a NULL pointer dereference while splitting the message.
CVSS Score
7.5
EPSS Score
0.011
Published
2017-10-22
CVE-2017-15737
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADIMAGE+0x00000000003d246f."
CVSS Score
7.8
EPSS Score
0.001
Published
2017-10-22
CVE-2017-15738
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADIMAGE+0x00000000003d22d8."
CVSS Score
7.8
EPSS Score
0.001
Published
2017-10-22
CVE-2017-15739
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at CADIMAGE+0x00000000000042d5."
CVSS Score
7.8
EPSS Score
0.002
Published
2017-10-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved