Irfanview: >> Irfanview >> 4.53 Security Vulnerabilities
IrfanView 4.53 allows Data from a Faulting Address to control a subsequent Write Address starting at JPEG_LS+0x000000000000839c.
CVSS Score
7.8
EPSS Score
0.003
Published
2019-10-08
IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000d563.
CVSS Score
7.8
EPSS Score
0.001
Published
2019-10-08
IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000966f.
CVSS Score
7.8
EPSS Score
0.001
Published
2019-10-08
IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at JPEG_LS+0x0000000000003155.
CVSS Score
7.8
EPSS Score
0.003
Published
2019-10-08
IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at JPEG_LS+0x0000000000001d8a.
CVSS Score
7.8
EPSS Score
0.003
Published
2019-10-08
IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x0000000000004359.
CVSS Score
7.8
EPSS Score
0.001
Published
2019-10-08
In IrfanView 4.53, Data from a Faulting Address controls a subsequent Write Address starting at image00400000+0x000000000001dcfc.
CVSS Score
7.8
EPSS Score
0.002
Published
2019-09-25
Heap-based buffer overflow in jpeg_ls.dll in the Jpeg_LS (aka JLS) plugin in the formats plugins in IrfanView PlugIns before 4.34 allows remote attackers to execute arbitrary code via a crafted JLS file.
CVSS Score
9.3
EPSS Score
0.275
Published
2012-07-05
Heap-based buffer overflow in the FlashPix PlugIn before 4.3.4.0 for IrfanView might allow remote attackers to execute arbitrary code via a .fpx file containing a crafted FlashPix image that is not properly handled during decompression.
CVSS Score
9.3
EPSS Score
0.391
Published
2012-04-18
Page 12