CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Irfanview : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-15769 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dds file, related to "Read Access Violation starting at FORMATS!ReadBLP_W+0x0000000000001b22."
2 CVE-2017-15768 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.50 - 64bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file, related to "Data from Faulting Address controls Branch Selection starting at image000007f7_42060000+0x0000000000094113."
3 CVE-2017-15767 119 DoS Exec Code Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at CADIMAGE+0x00000000003d5b52."
4 CVE-2017-15766 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001f0a0."
5 CVE-2017-15765 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at CADIMAGE+0x00000000003e9462."
6 CVE-2017-15764 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001e6b0."
7 CVE-2017-15763 119 DoS Exec Code Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001eca0."
8 CVE-2017-15762 119 DoS Exec Code Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001f31b."
9 CVE-2017-15761 119 DoS Exec Code Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001ecaa."
10 CVE-2017-15760 119 DoS Exec Code Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001ce82."
11 CVE-2017-15759 119 DoS Exec Code Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001b3f3."
12 CVE-2017-15758 119 DoS Exec Code Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at BabaCAD4Image!ShowPlugInOptions+0x000000000004d75b."
13 CVE-2017-15757 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at BabaCAD4Image!ShowPlugInOptions+0x00000000000029ba."
14 CVE-2017-15756 119 DoS Exec Code Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at BabaCAD4Image!ShowPlugInOptions+0x000000000004d7c4."
15 CVE-2017-15755 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at verifier!AVrfpDphFindBusyMemoryNoCheck+0x0000000000000091."
16 CVE-2017-15754 119 DoS Exec Code Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at BabaCAD4Image!ShowPlugInOptions+0x0000000000013968."
17 CVE-2017-15753 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at BabaCAD4Image!ShowPlugInOptions+0x00000000000029c2."
18 CVE-2017-15752 119 DoS Exec Code Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at BabaCAD4Image!ShowPlugInOptions+0x000000000004d6b0."
19 CVE-2017-15751 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at BabaCAD4Image!ShowPlugInOptions+0x0000000000009f39."
20 CVE-2017-15750 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at BabaCAD4Image!ShowPlugInOptions+0x0000000000009ae0."
21 CVE-2017-15749 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at CADIMAGE+0x00000000000348b9."
22 CVE-2017-15748 119 DoS Exec Code Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADIMAGE+0x000000000000613a."
23 CVE-2017-15747 119 DoS Exec Code Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x0000700b00260112 called from CADIMAGE+0x00000000003d35ad."
24 CVE-2017-15746 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at CADIMAGE+0x00000000003d21b3."
25 CVE-2017-15745 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at CADIMAGE+0x000000000002ca2e."
26 CVE-2017-15744 119 DoS Exec Code Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Read Access Violation on Control Flow starting at CADIMAGE+0x00000000003d35a7."
27 CVE-2017-15743 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address may be used as a return value starting at CADIMAGE+0x00000000003d24a0."
28 CVE-2017-15742 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADIMAGE+0x00000000003d2328."
29 CVE-2017-15741 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Possible Stack Corruption starting at CADIMAGE+0x00000000003d2378."
30 CVE-2017-15740 119 DoS Exec Code Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls Code Flow starting at CADIMAGE+0x000000000033228e."
31 CVE-2017-15739 119 DoS Exec Code Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at CADIMAGE+0x00000000000042d5."
32 CVE-2017-15738 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADIMAGE+0x00000000003d22d8."
33 CVE-2017-15737 119 DoS Overflow 2017-10-22 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADIMAGE+0x00000000003d246f."
34 CVE-2017-15264 119 DoS Overflow 2017-10-11 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.44 (32bit) allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at image00000000_00400000+0x00000000000236e4."
35 CVE-2017-15263 119 DoS Overflow 2017-10-11 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address controls Branch Selection starting at PDF!xmlListWalk+0x00000000000166c4."
36 CVE-2017-15262 119 DoS Exec Code Overflow 2017-10-11 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow starting at PDF!xmlParserInputRead+0x0000000000048d0c."
37 CVE-2017-15261 119 DoS Overflow 2017-10-11 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Possible Stack Corruption starting at PDF!xmlGetGlobalState+0x0000000000057b35."
38 CVE-2017-15260 119 DoS Overflow 2017-10-11 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address may be used as a return value starting at PDF!xmlParserInputRead+0x0000000000129a59."
39 CVE-2017-15259 119 DoS Overflow 2017-10-11 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address controls Branch Selection starting at PDF!xmlParserInputRead+0x000000000011624a."
40 CVE-2017-15258 119 DoS Overflow 2017-10-11 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Read Access Violation starting at PDF!xmlParserInputRead+0x0000000000161a9c."
41 CVE-2017-15257 119 DoS Exec Code Overflow 2017-10-11 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow starting at PDF!xmlParserInputRead+0x000000000009174a."
42 CVE-2017-15256 119 DoS Overflow 2017-10-11 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address controls Branch Selection starting at PDF!xmlListWalk+0x0000000000019fc8."
43 CVE-2017-15255 119 DoS Overflow 2017-10-11 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Read Access Violation starting at PDF!xmlParserInputRead+0x00000000001601b0."
44 CVE-2017-15254 119 DoS Overflow 2017-10-11 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Read Access Violation starting at PDF!xmlGetGlobalState+0x000000000007dfa5."
45 CVE-2017-15253 119 DoS Exec Code Overflow 2017-10-11 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to a "User Mode Write AV starting at PDF!xmlGetGlobalState+0x000000000007dff2."
46 CVE-2017-15252 119 DoS Exec Code Overflow 2017-10-11 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to a "Read Access Violation on Block Data Move starting at PDF!xmlListWalk+0x00000000000158cb."
47 CVE-2017-15251 119 DoS Exec Code Overflow 2017-10-11 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow starting at PDF!xmlParserInputRead+0x00000000000e7326."
48 CVE-2017-15250 119 DoS Overflow 2017-10-11 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Read Access Violation starting at PDF!xmlParserInputRead+0x0000000000132e19."
49 CVE-2017-15249 119 DoS Exec Code Overflow 2017-10-11 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow starting at PDF!xmlGetGlobalState+0x00000000000668d6."
50 CVE-2017-15248 119 DoS Exec Code Overflow 2017-10-11 2017-10-24
6.8
None Remote Medium Not required Partial Partial Partial
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow starting at PDF!xmlGetGlobalState+0x0000000000063ca6."
Total number of vulnerabilities : 136   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.