IrfanView version 4.33 suffers from a TIF image decompression buffer overflow vulnerability. Proof of concept included.
72b8882cb0faee2b7373d6e6e4b71c5ed206922b7475df22542144a2d004de0dIrfanView version 4.57 with WPG.dll version 2.0.0.0 suffer from access violation and out-of-bounds write vulnerabilities that can lead to denial of service or code execution.
25da92fa817b5a113c55b9e18072698748b07fb0bb80d1febb128c957f5b2d19IrfanView email plugin version 4.44 SEH buffer overflow exploit.
3cb99ffaeb3ff9b458094a24a5c8e5ce9602e65d2b5d09dcd252ec6d3b4e123fIrfanView email plugin version 4.50 SEH unicode buffer overflow exploit.
7cb5e57b65ee11d382c98d41edbd12ab10f38857e49dfbaad8e91f57cd6a8da5IrfanView version 4.44 suffers from an overflow vulnerability.
733c379ee42e567d696579edf278a3b20d3e2978a16e590732cfd712a558e9a1Foxit Reader versions 7.1.3.320 and below suffer from a pdf parsing memory corruption vulnerability.
bd04944c6132e51165de2cd47879e4605bc439659bd47936955cab36552e79aaOracle Outside-In suffers from a memory corruption vulnerability when parsing docx files.
79fc87eb887121eb743d08718db0785e9a718662ed4993f3ba621df1404086adIrfanView version 4.33 suffers from a code execution vulnerability in IMXCF.DLL.
0a1f142ba76135c7bcf860c32266bf1a855ad2cd191192fcf8ec2176558f0b9cAn overflow error occurs in GroupWise Internet Agent (gwia.exe) when the LDAP service process receives an overly long BIND Request. Successful exploitation may allow execution of arbitrary code. Versions 8.0.2 HP3 and 2012 are affected. Proof of concept code included.
98eedb4ebf1ead9211c4ee8e6803edef89885b9d7e3884dac106b273c25e0aa7IrfanView version 4.33 suffers from a RLE image decompression buffer overflow vulnerability. Proof of concept included.
c7280f0bbcb5f8e1f959afbe12d0a3869c8de4db879212848a1273b635432924Secunia Security Advisory - A vulnerability has been discovered in IrfanView, which can be exploited by malicious people to compromise a user's system.
ecaab2e98606754f083cbeaf42919774e548699df825d9a5acb059002933a0bbCyme ChartFX client server suffers from a vulnerability that is caused due to an indexing error in the "ShowPropertiesDialog()" method (ChartFX.ClientServer.Core.dll) of the ChartFX ActiveX Control. This can be exploited to write a single byte value to an arbitrary memory location via the "pageNumber" parameter. Successful exploitation may allow execution of arbitrary code.
5710bd2cdef00b1beebd3eb5db71e3e75a63f51295473d4c9d8eb9549ef60db6Adobe Photoshop CS6 version 13.x suffers from a PNG parsing heap overflow vulnerability. Proof of concept PNG file include.
80a53ff72f5790f602424285c5a3993b1990d8e6e206c276ea6e96b7e79484e5Oracle Outside-In FPX file parsing suffers from a heap overflow vulnerability. Proof of concept included.
3ffbb6827d9d2382b9a76b9305e37a7d6d37e039b353eabc680e393957f21adaOracle Outside-In LWP file parsing suffers from a stack based buffer overflow vulnerability. Proof of concept included.
953c76d252ea3d1ef9599ded5a1b13cc01db9cce40b4df74f6ac34219722ac04Oracle Outside-IN JP2 file parsing suffers from a heap overflow vulnerability. Proof of concept included.
7c878849d29af52f8ddf17660a63425f5e710c5f84ddfa7cbd6a34ab807ed406This Metasploit module exploits a stack-based buffer overflow vulnerability in versions 4.3.2.0 and below of Irfanview's JPEG2000.dll plugin. This exploit has been tested on a specific version of irfanview (v4.3.2), although other versions may work also. The vulnerability is triggered via parsing an invalid qcd chunk structure and specifying a malformed qcd size and data. Payload delivery and vulnerability trigger can be executed in multiple ways. The user can double click the file, use the file dialog, open via the icon and drag/drop the file into Irfanview\'s window. An egg hunter is used for stability.
c5cce711dbd4abe77f358a5360b9fd21367c38e3811ab24c191fb5a02cb79609IrfanView Formats PlugIn is prone to an overflow condition. The JLS Plugin (jpeg_ls.dll) library fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted JLS compressed image file, a context-dependent attacker could potentially execute arbitrary code. Proof of concept included. Irfanview Plugins version 4.33 is affected.
cd8bb7da17eb6fd5c44d2f4ceac57a18c44aca435eea690d9247652a97f176d8IrfanView version 4.33 suffers from a DJVU image processing heap overflow vulnerability. Proof of concept included.
e436390561dec51d8a5dee5ab9cec39964b18ee239173724fdeb63a1dfbb24c1ACDSee PRO version 5.1 suffers from image processing heap overflow vulnerabilities. Proof of concepts included.
7a29c303284a12fafe7bde596241454a712c247046e5141fda568b7871231f44XnView version 1.98.8 suffers from GIF, PCT, and TIFF image processing heap overflow vulnerabilities. Proof of concepts included.
7a33f45ffe3e05b1ae8eff4edeb90a2337504c569f19a6aab17d6a976045bc2bSecunia Security Advisory - Francis Provencher has discovered a vulnerability in IrfanView Formats PlugIn, which can be exploited by malicious people to compromise a user's system.
4aab7b55fac10269055188d8782bedc1c5003b831ba88acae3d6e07377f19f37A boundary error in the Xfpx.dll module when processing FlashPix images can be exploited to cause a heap-based buffer overflow via a specially crafted FPX file. Proof of concept included.
d3d27e656535c43a189940b4169f03b8e070dc18bbb730bd07e54480765d5f37A boundary error in the NCSEcw.dll module when decompressing Enhanced Compressed Wavelet images can be exploited to cause a heap-based buffer overflow via a specially crafted ECW file. Proof of concept included.
2b805ba8e0fb396319306ee83628841d7255eb906f045dd4b7bcf89a37a9e721An integer truncation error when processing Sun Raster images can be exploited to cause a heap-based buffer overflow via a specially crafted "Depth" value in a RAS file. Proof of concept included.
deec59b7511a6a5f9b798bbeb76b449e5acbef7e088fb4533468afed85672740The Format plugin in IrfanView version 4.33 suffers from a TTF file parsing stack based overflow vulnerability. Proof of concept TTF file included.
ef722236a74014bdcead5b4e91a1c08b978a058a903f4d9df3043c15edb2afa7
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed