Shodan
Vulnerabilities
Vulnerable Software
Irfanview:  Security Vulnerabilities
CVE-2017-8370
IrfanView version 4.44 (32bit) with FPX Plugin 4.45 allows remote attackers to execute arbitrary code or cause a denial of service (Heap Corruption and application crash) in processing a FlashPix (.FPX) file, a different vulnerability than CVE-2017-7721.
CVSS Score
7.8
EPSS Score
0.003
Published
2017-07-05
CVE-2017-10729
IrfanView version 4.44 (32bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlpWaitOnCriticalSection+0x0000000000000121."
CVSS Score
7.8
EPSS Score
0.002
Published
2017-07-05
CVE-2017-10730
IrfanView version 4.44 (32bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at FORMATS!GetPlugInInfo+0x0000000000007d96."
CVSS Score
7.8
EPSS Score
0.002
Published
2017-07-05
CVE-2017-10731
IrfanView version 4.44 (32bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at FORMATS!GetPlugInInfo+0x0000000000007d80."
CVSS Score
7.8
EPSS Score
0.002
Published
2017-07-05
CVE-2017-10732
IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpAllocateHeap+0x0000000000000429."
CVSS Score
7.8
EPSS Score
0.001
Published
2017-07-05
CVE-2017-10733
IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpEnterCriticalSectionContended+0x0000000000000031."
CVSS Score
7.8
EPSS Score
0.001
Published
2017-07-05
CVE-2017-10734
IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to an "Invalid Handle starting at wow64!Wow64NotifyDebugger+0x000000000000001d."
CVSS Score
7.8
EPSS Score
0.001
Published
2017-07-05
CVE-2017-10735
IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpFreeHeap+0x00000000000003ca."
CVSS Score
7.8
EPSS Score
0.001
Published
2017-07-05
CVE-2017-2813
An exploitable integer overflow vulnerability exists in the JPEG 2000 parser functionality of IrfanView 4.44. A specially crafted jpeg2000 image can cause an integer overflow leading to wrong memory allocation resulting in arbitrary code execution. Vulnerability can be triggered by viewing the image in via the application or by using thumbnailing feature of IrfanView.
CVSS Score
8.8
EPSS Score
0.004
Published
2017-06-21
CVE-2017-7721
IrfanView version 4.44 (32bit) with FPX Plugin before 4.45 has an Access Violation and crash in processing a FlashPix (.FPX) file.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-04-30


Products
Pricing
Contact Us

Shodan ® - All rights reserved