152 matches found
Code injection
IrfanView version 4.44 32bit with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Read Access Violation starting at PDF!xmlParserInputRead+0x0000000000132cef."...
Design/Logic Flaw
IrfanView version 4.44 32bit with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address controls Branch Selection starting at PDF!xmlParserInputRead+0x00000000000929f5."...
Code injection
IrfanView version 4.44 32bit with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow starting at PDF!xmlParserInputRead+0x0000000000048d0c."...
CVE-2017-15258
CVE-2017-15258 affects IrfanView 4.44 (32‑bit) with PDF plugin 4.43, where a crafted PDF can trigger a Read Access Violation in PDF!xmlParserInputRead, leading to denial of service and potentially other impact. The original advisory ties the issue to IrfanView’s PDF handling. Mitigation provided ...
CVE-2017-15256
CVE-2017-15256 affects IrfanView 4.44 (32-bit) with PDF plugin 4.43. A crafted PDF can cause a denial of service (and potentially other impact) due to a faulting address handling issue in PDF parsing (PDF!xmlListWalk+0x…); idle exploitation details indicate local conditions and potential code exe...
CVE-2017-15244
IrfanView version 4.44 32bit with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to an "Error Code 0xe06d7363 starting at wow64!Wow64NotifyDebugger+0x000000000000001d."...
CVE-2017-15264
IrfanView version 4.44 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at image0000000000400000+0x00000000000236e4....
CVE-2017-15263
IrfanView version 4.44 32bit with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address controls Branch Selection starting at PDF!xmlListWalk+0x00000000000166c4."...
KLA11064 Multiple vulnerabilities in IrfanView
Multiple serious vulnerabilities have been found in IrfanView 4.44. Malicious users can exploit these vulnerabilities to cause a denial of service or execute arbitrary code. Below is a complete list of vulnerabilities: 1. An integer overflow vulnerability in the JPEG 2000 parser can be exploited...
CVE-2017-14693
IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address controls Branch Selection starting at DJVU!GetPlugInInfo+0x000000000001c613."...
CVE-2017-14693
CVE-2017-14693 affects IrfanView 4.44 (32‑bit). A crafted .djvu file can trigger a vulnerability in DJVU!GetPlugInInfo+0x... leading to a denial of service and possibly other impact. Some sources mention in-the-wild malware exploitation. Remediation: update IrfanView to the latest version. Techni...
CVE-2017-14693
IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address controls Branch Selection starting at DJVU!GetPlugInInfo+0x000000000001c613."...
CVE-2017-14578
IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .ani file, related to "Data from Faulting Address controls Branch Selection starting at ntdll77130000!RtlpCoalesceFreeBlocks+0x00000000000004b4."...
Design/Logic Flaw
IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selection starting at image0000000000400000+0x000000000011d767."...
CVE-2017-14540
IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selection starting at CADIMAGE+0x000000000001f23e."...
CVE-2017-14539
IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selection starting at image0000000000400000+0x000000000011d767."...
Design/Logic Flaw
IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .ani file, related to "Data from Faulting Address controls Branch Selection starting at ntdll77130000!RtlpCoalesceFreeBlocks+0x00000000000004b4."...
Design/Logic Flaw
IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selection starting at CADIMAGE+0x000000000001f23e."...
CVE-2017-14539
CVE-2017-14539 affects IrfanView 4.44 (32-bit) via the SVG parsing path. Public documents describe DoS outcomes from crafting SVG files, with the underlying issue described as Data from Faulting Address controls Branch Selection leading to potential memory/process impact. Several sources (OpenVAS...
CVE-2017-14540
IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selection starting at CADIMAGE+0x000000000001f23e."...