Irfanview: >> Irfanview >> 1.75 Security Vulnerabilities
Heap-based buffer overflow in IrfanView before 4.37 allows remote attackers to execute arbitrary code via the LZW code stream in a GIF file.
CVSS Score
7.5
EPSS Score
0.055
Published
2014-02-14
Stack-based buffer overflow in the JPEG2000 plugin in IrfanView PlugIns before 4.33 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment.
CVSS Score
6.8
EPSS Score
0.671
Published
2012-01-20
IrfanView before 4.27 does not properly handle an unspecified integer variable during processing of PSD images, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow, related to a "sign-extension error."
CVSS Score
5.0
EPSS Score
0.037
Published
2010-05-14
Heap-based buffer overflow in IrfanView before 4.27 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PSD image with RLE compression.
CVSS Score
5.0
EPSS Score
0.048
Published
2010-05-14