Irfanview: >> Irfanview >> 4.54 Security Vulnerabilities
IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted XBM file, related to a "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FORMATS!ReadMosaic+0x0000000000000981.
CVSS Score
7.8
EPSS Score
0.002
Published
2021-10-28
IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted .cr2 file, related to a "Data from Faulting Address controls Branch Selection starting at FORMATS!GetPlugInInfo+0x00000000000047f6".
CVSS Score
7.8
EPSS Score
0.002
Published
2021-10-28
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000038ed4.
CVSS Score
8.8
EPSS Score
0.005
Published
2020-06-10
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000038eb7.
CVSS Score
7.8
EPSS Score
0.002
Published
2020-06-10
Heap-based buffer overflow in jpeg_ls.dll in the Jpeg_LS (aka JLS) plugin in the formats plugins in IrfanView PlugIns before 4.34 allows remote attackers to execute arbitrary code via a crafted JLS file.
CVSS Score
9.3
EPSS Score
0.275
Published
2012-07-05
Heap-based buffer overflow in the FlashPix PlugIn before 4.3.4.0 for IrfanView might allow remote attackers to execute arbitrary code via a .fpx file containing a crafted FlashPix image that is not properly handled during decompression.
CVSS Score
9.3
EPSS Score
0.391
Published
2012-04-18
Page 12