Irfanview: >> Irfanview Security Vulnerabilities
A buffer overflow vulnerability in WPG+0x1dda of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted WPG file.
CVSS Score
7.8
EPSS Score
0.007
Published
2021-09-28
A buffer overflow vulnerability in FORMATS!ReadPVR_W+0xfa of Irfanview 4.57 allows attackers to cause a denial of service (DOS) via a crafted PVR file.
CVSS Score
5.5
EPSS Score
0.002
Published
2021-09-28
The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a user-mode write access violation starting at WPG+0x0000000000012ec6, which might allow remote attackers to execute arbitrary code.
CVSS Score
7.5
EPSS Score
0.04
Published
2021-02-17
The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a Read Access Violation on Control Flow starting at WPG!ReadWPG_W+0x0000000000000133, which might allow remote attackers to execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.042
Published
2021-02-17
irfanView 4.56 contains an error processing parsing files of type .pcx. Which leads to out-of-bounds writing at i_view32+0xdb60.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-12-16
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000038ed4.
CVSS Score
8.8
EPSS Score
0.003
Published
2020-06-10
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000038eb7.
CVSS Score
7.8
EPSS Score
0.002
Published
2020-06-10
IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000258c.
CVSS Score
7.8
EPSS Score
0.003
Published
2019-10-08
IrfanView 4.53 allows Data from a Faulting Address to control a subsequent Write Address starting at JPEG_LS+0x0000000000007da8.
CVSS Score
7.8
EPSS Score
0.003
Published
2019-10-08
IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x00000000000025b6.
CVSS Score
7.8
EPSS Score
0.003
Published
2019-10-08