IrfanView version 4.33 suffers from a TIF image decompression buffer overflow vulnerability. Proof of concept included.
72b8882cb0faee2b7373d6e6e4b71c5ed206922b7475df22542144a2d004de0dSecunia Security Advisory - BraniX has discovered some vulnerabilities in the LuraWave PlugIn for IrfanView, which can be exploited by malicious people to potentially compromise a user's system.
270ebf9948fb95ba52ef877254835854c06a9640508c7bed091b8aef243ec1e2Novell Groupwise suffers from an Internet Agent IMAP LIST command remote code execution vulnerability.
de163bf78d636b4473ab7820066e425de60984121a4acf0fdc9a44e1dfda0548Novell Groupwise version 8.0.2 suffers from an Internet Agent IMAP LIST LSUB command remote code execution vulnerability.
443d827567f7a7b163d7618d61e03df800e3c2ed5dc1b2491d7178dcdbd8b7b9A flaw exists within SSHD.NLM of Novell Netware version 6.5. When the application attempts to resolve an absolute path on the server, a 512 byte destination buffer is used without bounds checking. By providing a large enough value, an attacker can cause a buffer to be overflowed. Successful exploitation results in remote code execution under the context of the server.
b66ffafeb7f223aee83ce62e71c46bd305a2640628049236529604d8e4bb0ed7Secunia Research has discovered a vulnerability in IrfanView, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error when processing certain RLE compressed PSD images and can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted PSD file. Successful exploitation may allow execution of arbitrary code. Version 4.25 is affected.
eb0045d8335d416396d4ea3020455da381eb50f86bb4463506df1c7146b6572dSecunia Research has discovered a vulnerability in IrfanView, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a sign-extension error when processing certain PSD images, which can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted PSD file. Successful exploitation may allow execution of arbitrary code. Version 4.25 is affected.
0c62dba45771af84679292305942045e3e82e928d385b162cf38c58f700e5354Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in IrfanView, which can be exploited by malicious people to compromise a user's system.
ca7e9c8386616e543c7e79b7a9a69109a5cb952d7889535d968be5588bbe72f9Novell Netware version 6.5 SP8 suffers from a FTP related remote stack overflow vulnerability.
d70cb64062375e67c59fa55ccdfc4459fc2ba986572b94e42fd9a52b123d90c9The Xerox Workcenter version 4150 suffers from a buffer overflow vulnerability. Proof of concept code included.
0c47f97159b37b78391874db638835f12d96ef6db7c62a9f90fbaf6511284e7fSecunia Security Advisory - Tielei Wang has discovered a vulnerability in IrfanView, which can be exploited by malicious people to potentially compromise a user's system.
af2c4b283af5d23b7c711876b92fc9a9fd87b235e3651a29219c97be5c0036f6Secunia Research has discovered a vulnerability in IrfanView's Formats plug-in version 4.22, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an integer overflow when processing XPM files with certain dimensions. This can be exploited to cause a heap-based buffer overflow by e.g. tricking a user into opening a specially crafted XPM file.
6353310b973c85424bb98e6be658d9995c4aa4e06a23fd615418d3a85048220eSecunia Security Advisory - Secunia Research has discovered a vulnerability in IrfanView's Formats plug-in, which can be exploited by malicious people to compromise a user's system.
e26849bab2f5a50fcf902318a0826e62646d50720e544a3258ecc78be1fa3912IrfanView versions 3.99 and below .IFF file local stack buffer overflow exploit that spawns calc.exe.
8c0a11932d465dcab8ff7aa0bf762b6ff88fc5496dfd89402254ea90732bde2cIrfanView version 4.10 .FPX file memory corruption exploit that launches calc.exe.
fd482517054c0ff7f8c37b28f526da644268f2b1d0c0a9c0b22aa1f90d8c9676Secunia Security Advisory - Marsu has discovered a vulnerability in the FlashPix plug-in for IrfanView, which potentially can be exploited by malicious people to compromise a vulnerable system.
d03f303ddb57c48671fd15b75b6003068bcd928df30ee16bacaa6b639b2c5a49Secunia Security Advisory - Secunia Research has discovered a vulnerability in IrfanView, which can be exploited by malicious people to compromise a user's system.
c03eea0a04fede6751143aee0ee194467b66c0e1029ff37eedfcf017c5401d79Secunia Research has discovered a vulnerability in IrfanView, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when importing palette files. Versions 3.99 and 4.00 are affected.
474b6d103845f885798f337b3763aa6996a3585ba093c8718d1362f60f30a973IrfanView versions 4.00 and below .IFF buffer overflow exploit that spawns calc.exe or binds a shell to tcp port 4444.
6dd650ea32e397aafa576e1e2350950671e7fa1936dbf73cabd78835ee545190Secunia Security Advisory - Marsu has discovered a vulnerability in IrfanView's Formats plug-in, which can be exploited by malicious people to compromise a user's system.
edf596732ffd0d135cdf03e1aa861622b010b24984335be60b3f819a60e5f8f0IrfanView version 3.99 .ANI file local buffer overflow exploit. Comes with multiple targets and binds a shell to TCP port 4444.
933ce989fe1ceb743c833f979dcbca872ed0f1e5b8806a536e1d47d5d1bb8b3cSecunia Security Advisory - Marsu Pilami has discovered a vulnerability in IrfanView, which can be exploited by malicious people to compromise a user's system.
97091e84bd6b3c261d6522b87ea8360ee2257fc881dd07b106a0ddf8496ebd85IrfanView version 3.99 .ANI file local buffer overflow exploit. Tested against Windows XP SP2 FR. This is not related to the LoadAniIcon stack overflow.
2ddba92aaf3d6072ac14fd8c2d5f9135b0936bce4cd70eb6fb691880eec491abSendmail & procmail & kernel less than 2.2.15 local root exploit.
4296222d1bf1930105daa59e2a5114c9af90add47c2081575d64f3a6d4215ae3
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed