CVE-2017-9918

CVE-2017-9918 affects IrfanView 4.44 with TOOLS Plugin 4.50. A crafted file can trigger a denial of service or execute arbitrary code due to Data from Faulting Address controlling Branch Selection starting at KERNELBASE!QueryOptionalDelayLoadedAPI. Public references describe multiple related buff...

CVE-2017-9915

Affected software: IrfanView 4.44 (32‑bit) with TOOLS plugin 4.50. The CVE-2017-9915 entry describes an attacker-controlled crafted file that triggers a Read Access Violation in a memory copy operation (ntdll_77df0000!memcpy) and related memory/heap handling, enabling arbitrary code execution or ...

CVE-2017-9919

IrfanView 4.44 (32‑bit) with TOOLS Plugin 4.50 is vulnerable to crafted files that may cause a denial of service or arbitrary code execution. The root cause involves data from a faulting address affecting control flow (notably LdrpResCompareResourceNames) and related memory/heap/branch control is...

CVE-2017-9916

CVE-2017-9916 affects IrfanView 4.44 (32-bit) with TOOLS Plugin 4.50. A crafted file can trigger a denial of service, with potential for arbitrary code execution via Data from Faulting Address controls Branch Selection (noted in ntdll and related modules). Exploitation details indicate multiple v...

CVE-2017-9920

CVE-2017-9920 affects IrfanView 4.44 (32‑bit) with TOOLS Plugin 4.50. Technical details in connected docs describe multiple buffer overflow and related vulnerability patterns (e.g., data from faulting address controlling branch/code flow) that can lead to denial of service or arbitrary code execu...

CVE-2017-9917

CVE-2017-9917 affects IrfanView 4.44 (32‑bit) with TOOLS Plugin 4.50. A crafted file can cause denial of service or possibly other impact via a faulting address in RtlFreeHandle, per the NVD entry. Connected reports reiterate multiple but related buffer/flow issues tied to IrfanView 4.44 with TOO...

CVE-2017-9917

IrfanView version 4.44 32bit with TOOLS Plugin 4.50 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at...

CVE-2017-9923

CVE-2017-9923 affects IrfanView 4.44 (32‑bit) with TOOLS Plugin 4.50. The connected CNVD entry confirms a buffer overflow in this configuration when processing a crafted file, enabling a potential attacker to cause a denial of service or execute arbitrary code. The root cause is described as a bu...

Heap Overflow Vulnerability in Notepad++ MIME Tools Plugin 2.1 memove Function

Notepad++ is a free plain text editor. A heap overflow vulnerability exists in the Notepad++ MIME Tools Plugin 2.1 memove function, which can be exploited by a remote attacker to construct a special text file that can be tricked into parsing by the application, which can crash the application...