Show filters
279 Total Results
Displaying 91-100 of 279
Sort by:
Attacker Value
Unknown
CVE-2024-6812
Disclosure Date: August 21, 2024 (last updated January 05, 2025)
IrfanView WSQ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of WSQ files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23273.
0
Attacker Value
Unknown
CVE-2024-6811
Disclosure Date: August 21, 2024 (last updated January 05, 2025)
IrfanView WSQ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of WSQ files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24192.
0
Attacker Value
Unknown
CVE-2023-26974
Disclosure Date: April 04, 2023 (last updated February 24, 2025)
Irfanview v4.62 allows a user-mode write access violation via a crafted JPEG 2000 file starting at JPEG2000+0x0000000000001bf0.
0
Attacker Value
Unknown
CVE-2023-24304
Disclosure Date: March 28, 2023 (last updated February 24, 2025)
Improper input validation in the PDF.dll plugin of IrfanView v4.60 allows attackers to execute arbitrary code via opening a crafted PDF file.
0
Attacker Value
Unknown
CVE-2020-23560
Disclosure Date: September 16, 2022 (last updated February 24, 2025)
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000001bcab.
0
Attacker Value
Unknown
CVE-2020-23559
Disclosure Date: September 16, 2022 (last updated February 24, 2025)
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000007d7f.
0
Attacker Value
Unknown
CVE-2020-23558
Disclosure Date: September 16, 2022 (last updated February 24, 2025)
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000007f4b.
0
Attacker Value
Unknown
CVE-2020-23557
Disclosure Date: September 16, 2022 (last updated February 24, 2025)
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000000755d.
0
Attacker Value
Unknown
CVE-2020-23556
Disclosure Date: September 16, 2022 (last updated February 24, 2025)
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e28.
0
Attacker Value
Unknown
CVE-2020-23555
Disclosure Date: September 16, 2022 (last updated February 24, 2025)
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e6e.
0
