CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-15246
https://notcve.org/view.php?id=CVE-2017-15246
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to a "Read Access Violation on Block Data Move starting at PDF!xmlListWalk+0x000000000001515b." IrfanView 4.44 (32bit), con la versión del plugin PDF 4.43, permite que los atacantes ejecuten código arbitrario o que provoquen una denegación de servicio mediante un archivo .pdf manipulado. Esta vulnerabilidad está relacionada con "Read Access Violation on Block Data Move starting at PDF!xmlListWalk+0x000000000001515b". • https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-15246 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-15258
https://notcve.org/view.php?id=CVE-2017-15258
IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Read Access Violation starting at PDF!xmlParserInputRead+0x0000000000161a9c." IrfanView 4.44 (32bit), con la versión del plugin PDF 4.43, permite que los atacantes provoquen una denegación de servicio o, posiblemente, otro impacto sin especificar mediante un archivo .pdf manipulado. Esta vulnerabilidad está relacionada con "Read Access Violation starting at PDF!xmlParserInputRead+0x0000000000161a9c". • https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-15258 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14693
https://notcve.org/view.php?id=CVE-2017-14693
IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address controls Branch Selection starting at DJVU!GetPlugInInfo+0x000000000001c613." La versión 4.44 - 32bit de IrfanView permite que los atacantes provoquen una denegación de servicio o, posiblemente, otro impacto sin especificar mediante un archivo .djvu manipulado. Esta vulnerabilidad está relacionada con "Data from Faulting Address controls Branch Selection starting at DJVU!GetPlugInInfo+0x000000000001c613". • http://www.irfanview.net/main_history.htm https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14693 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14578
https://notcve.org/view.php?id=CVE-2017-14578
IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .ani file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77130000!RtlpCoalesceFreeBlocks+0x00000000000004b4." IrfanView 4.44 - 32bit permite que los atacantes provoquen una denegación de servicio o, posiblemente, otro impacto sin especificar mediante un archivo .ani manipulado. Esta vulnerabilidad está relacionada con "Data from Faulting Address controls Branch Selection starting at ntdll_77130000!RtlpCoalesceFreeBlocks+0x00000000000004b4". • http://www.irfanview.net/main_history.htm https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14578 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14540
https://notcve.org/view.php?id=CVE-2017-14540
IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selection starting at CADIMAGE+0x000000000001f23e." IrfanView 4.44 - 32bit permite que los atacantes provoquen una denegación de servicio o, posiblemente, otro impacto sin especificar mediante un archivo .svg manipulado. Esta vulnerabilidad está relacionada con "Data from Faulting Address controls Branch Selection starting at CADIMAGE+0x000000000001f23e". • http://www.irfanview.net/main_history.htm https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14540 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •