IrfanView 4.67 on x64
Approved changes feed: RSS · Atom
cpe:2.3:a:irfanview:irfanview:4.67:*:*:*:*:*:x64:*
part: a version: 4.67 update: *
| Vendor | Irfanview (2266f294-df77-5655-8af5-aa6aefbc4e01) |
|---|---|
| Product | Irfanview (010dbda2-9e63-520d-8a8e-408fdae397bd) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | x64 |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-11575 |
vulnerable | 2026-06-03 14:54:14.362216 |
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24901.
Published: 2024-11-22T20:46:54.706Z
Updated: 2024-11-22T21:45:52.617Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11574 |
vulnerable | 2026-06-03 14:54:14.361736 |
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24900.
Published: 2024-11-22T20:47:46.067Z
Updated: 2024-11-22T21:45:52.481Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11573 |
vulnerable | 2026-06-03 14:54:14.361379 |
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24898.
Published: 2024-11-22T20:46:37.998Z
Updated: 2024-11-22T21:45:52.342Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11572 |
vulnerable | 2026-06-03 14:54:14.360999 |
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24897.
Published: 2024-11-22T20:47:30.184Z
Updated: 2024-11-22T21:45:52.228Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11571 |
vulnerable | 2026-06-03 14:54:14.360621 |
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24895.
Published: 2024-11-22T20:46:41.406Z
Updated: 2024-11-22T21:45:54.608Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11570 |
vulnerable | 2026-06-03 14:54:14.360249 |
IrfanView DXF File Parsing Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24885.
Published: 2024-11-22T20:47:36.379Z
Updated: 2024-11-22T21:45:54.476Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11569 |
vulnerable | 2026-06-03 14:54:14.359882 |
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24873.
Published: 2024-11-22T20:47:50.508Z
Updated: 2024-11-22T21:35:48.808Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11568 |
vulnerable | 2026-06-03 14:54:14.359492 |
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24872.
Published: 2024-11-22T20:46:29.774Z
Updated: 2024-11-22T21:35:48.701Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11567 |
vulnerable | 2026-06-03 14:54:14.359125 |
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24871.
Published: 2024-11-22T20:47:54.879Z
Updated: 2024-11-22T21:35:48.587Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11566 |
vulnerable | 2026-06-03 14:54:14.358665 |
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24868.
Published: 2024-11-22T20:46:33.614Z
Updated: 2024-11-22T21:35:48.488Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11565 |
vulnerable | 2026-06-03 14:54:14.358286 |
IrfanView CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of CGM files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24866.
Published: 2024-11-22T20:46:45.733Z
Updated: 2024-11-22T21:35:48.388Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11564 |
vulnerable | 2026-06-03 14:54:14.357770 |
IrfanView DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24864.
Published: 2024-11-22T20:46:49.285Z
Updated: 2024-11-22T21:35:48.282Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11563 |
vulnerable | 2026-06-03 14:54:14.357399 |
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24860.
Published: 2024-11-22T20:47:58.945Z
Updated: 2024-11-22T21:35:48.163Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11562 |
vulnerable | 2026-06-03 14:54:14.357033 |
IrfanView CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of CGM files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24858.
Published: 2024-11-22T20:47:41.768Z
Updated: 2024-11-22T21:35:47.991Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11561 |
vulnerable | 2026-06-03 14:54:14.356672 |
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24857.
Published: 2024-11-22T20:48:55.915Z
Updated: 2024-11-22T21:35:47.887Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11560 |
vulnerable | 2026-06-03 14:54:14.356296 |
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24853.
Published: 2024-11-22T20:49:01.973Z
Updated: 2024-11-22T21:35:47.782Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11559 |
vulnerable | 2026-06-03 14:54:14.355916 |
IrfanView DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24809.
Published: 2024-11-22T20:46:07.757Z
Updated: 2024-11-22T21:45:54.337Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11558 |
vulnerable | 2026-06-03 14:54:14.355535 |
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24808.
Published: 2024-11-22T20:46:15.542Z
Updated: 2024-11-22T21:45:54.030Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11557 |
vulnerable | 2026-06-03 14:54:14.355166 |
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24807.
Published: 2024-11-22T20:46:19.442Z
Updated: 2024-11-22T21:45:52.094Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11556 |
vulnerable | 2026-06-03 14:54:14.354763 |
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24795.
Published: 2024-11-22T20:46:25.601Z
Updated: 2024-11-22T21:45:51.958Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11555 |
vulnerable | 2026-06-03 14:54:14.354252 |
IrfanView DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24780.
Published: 2024-11-22T20:46:11.447Z
Updated: 2024-11-22T21:45:51.819Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11554 |
vulnerable | 2026-06-03 14:54:14.353867 |
IrfanView DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24754.
Published: 2024-11-22T20:49:15.254Z
Updated: 2024-11-22T21:35:47.476Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11553 |
vulnerable | 2026-06-03 14:54:14.353505 |
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24752.
Published: 2024-11-22T20:45:52.045Z
Updated: 2024-11-22T21:45:51.693Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11552 |
vulnerable | 2026-06-03 14:54:14.353127 |
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24751.
Published: 2024-11-22T20:45:09.292Z
Updated: 2024-11-22T21:45:51.574Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11551 |
vulnerable | 2026-06-03 14:54:14.352745 |
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24749.
Published: 2024-11-22T20:45:25.635Z
Updated: 2024-11-22T21:45:51.449Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11550 |
vulnerable | 2026-06-03 14:54:14.352279 |
IrfanView DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24748.
Published: 2024-11-22T20:44:37.737Z
Updated: 2024-11-22T21:45:51.306Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11549 |
vulnerable | 2026-06-03 14:54:14.351918 |
IrfanView DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24746.
Published: 2024-11-22T20:45:14.189Z
Updated: 2024-11-22T21:45:50.808Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11548 |
vulnerable | 2026-06-03 14:54:14.351543 |
IrfanView DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24745.
Published: 2024-11-22T20:45:02.065Z
Updated: 2024-11-22T21:45:48.918Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11547 |
vulnerable | 2026-06-03 14:54:14.351163 |
IrfanView DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24732.
Published: 2024-11-22T20:44:57.281Z
Updated: 2024-11-22T21:45:48.801Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11546 |
vulnerable | 2026-06-03 14:54:14.350783 |
IrfanView DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24714.
Published: 2024-11-22T20:44:53.208Z
Updated: 2024-11-22T21:45:53.857Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11545 |
vulnerable | 2026-06-03 14:54:14.350417 |
IrfanView DXF File Parsing Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24709.
Published: 2024-11-22T20:44:47.554Z
Updated: 2024-11-22T21:45:53.732Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11544 |
vulnerable | 2026-06-03 14:54:14.350033 |
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24707.
Published: 2024-11-22T20:44:42.788Z
Updated: 2024-11-22T21:45:53.611Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11543 |
vulnerable | 2026-06-03 14:54:14.349666 |
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24704.
Published: 2024-11-22T20:45:19.005Z
Updated: 2024-11-22T21:45:53.499Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11542 |
vulnerable | 2026-06-03 14:54:14.349291 |
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24703.
Published: 2024-11-22T20:45:33.891Z
Updated: 2024-11-22T21:45:53.393Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11541 |
vulnerable | 2026-06-03 14:54:14.348900 |
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24702.
Published: 2024-11-22T20:45:42.199Z
Updated: 2024-11-22T21:45:53.281Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11540 |
vulnerable | 2026-06-03 14:54:14.348508 |
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24700.
Published: 2024-11-22T20:45:38.428Z
Updated: 2024-11-22T21:45:48.663Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11539 |
vulnerable | 2026-06-03 14:54:14.348125 |
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24699.
Published: 2024-11-22T20:45:46.081Z
Updated: 2024-11-22T21:45:48.267Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11538 |
vulnerable | 2026-06-03 14:54:14.347715 |
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24629.
Published: 2024-11-22T20:49:42.867Z
Updated: 2024-11-22T21:35:47.363Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11537 |
vulnerable | 2026-06-03 14:54:14.347335 |
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24620.
Published: 2024-11-22T20:49:19.298Z
Updated: 2024-11-22T21:35:47.246Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11536 |
vulnerable | 2026-06-03 14:54:14.346945 |
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24619.
Published: 2024-11-22T20:49:22.719Z
Updated: 2024-11-22T21:35:47.136Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11535 |
vulnerable | 2026-06-03 14:54:14.346552 |
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24618.
Published: 2024-11-22T20:49:26.520Z
Updated: 2024-11-22T21:35:46.941Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11534 |
vulnerable | 2026-06-03 14:54:14.346058 |
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24617.
Published: 2024-11-22T20:49:30.124Z
Updated: 2024-11-22T21:35:46.834Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11533 |
vulnerable | 2026-06-03 14:54:14.345572 |
IrfanView DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24616.
Published: 2024-11-22T20:49:35.516Z
Updated: 2024-11-22T21:35:46.729Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11532 |
vulnerable | 2026-06-03 14:54:14.345184 |
IrfanView DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24615.
Published: 2024-11-22T20:49:39.208Z
Updated: 2024-11-22T21:35:46.615Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11531 |
vulnerable | 2026-06-03 14:54:14.344789 |
IrfanView CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of CGM files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24606.
Published: 2024-11-22T20:44:11.355Z
Updated: 2024-11-22T21:45:48.549Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11530 |
vulnerable | 2026-06-03 14:54:14.344393 |
IrfanView CGM File Parsing Memory Corruption Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView CGM File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of CGM files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24605.
Published: 2024-11-22T20:44:16.264Z
Updated: 2024-11-22T21:45:48.397Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11529 |
vulnerable | 2026-06-03 14:54:14.343880 |
IrfanView DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24604.
Published: 2024-11-22T20:44:20.813Z
Updated: 2024-11-22T21:45:47.781Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11528 |
vulnerable | 2026-06-03 14:54:14.343468 |
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24602.
Published: 2024-11-22T20:49:46.926Z
Updated: 2024-11-22T21:35:46.500Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11527 |
vulnerable | 2026-06-03 14:54:14.343059 |
IrfanView DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24601.
Published: 2024-11-22T20:44:26.235Z
Updated: 2024-11-22T21:45:48.048Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11526 |
vulnerable | 2026-06-03 14:54:14.339104 |
IrfanView CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of CGM files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24600.
Published: 2024-11-22T20:44:33.267Z
Updated: 2024-11-22T21:45:47.907Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11525 |
vulnerable | 2026-06-03 14:54:14.338738 |
IrfanView DXF File Parsing Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24599.
Published: 2024-11-22T20:49:55.727Z
Updated: 2024-11-22T21:35:46.392Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11524 |
vulnerable | 2026-06-03 14:54:14.338355 |
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24598.
Published: 2024-11-22T20:50:04.140Z
Updated: 2024-11-22T21:35:46.280Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11523 |
vulnerable | 2026-06-03 14:54:14.337877 |
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24597.
Published: 2024-11-22T20:50:00.452Z
Updated: 2024-11-22T21:35:46.185Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11522 |
vulnerable | 2026-06-03 14:54:14.337496 |
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24595.
Published: 2024-11-22T20:49:52.345Z
Updated: 2024-11-22T21:35:46.053Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11521 |
vulnerable | 2026-06-03 14:54:14.337104 |
IrfanView DJVU File Parsing Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView DJVU File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DJVU files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24578.
Published: 2024-11-22T20:49:06.145Z
Updated: 2024-11-22T21:35:47.688Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11520 |
vulnerable | 2026-06-03 14:54:14.336628 |
IrfanView ARW File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView ARW File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of ARW files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24488.
Published: 2024-11-22T20:49:11.819Z
Updated: 2024-11-22T21:35:47.581Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11519 |
vulnerable | 2026-06-03 14:54:14.336230 |
IrfanView RLE File Parsing Memory Corruption Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView RLE File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of RLE files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24445.
Published: 2024-11-22T20:50:13.726Z
Updated: 2024-11-22T21:35:45.815Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11518 |
vulnerable | 2026-06-03 14:54:14.335600 |
IrfanView RLE File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView RLE File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of RLE files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24444.
Published: 2024-11-22T20:50:18.649Z
Updated: 2024-11-22T21:35:45.721Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11517 |
vulnerable | 2026-06-03 14:54:14.335212 |
IrfanView JPM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView JPM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of JPM files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24118.
Published: 2024-11-22T20:50:23.343Z
Updated: 2024-11-22T21:35:45.605Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11516 |
vulnerable | 2026-06-03 14:54:14.334794 |
IrfanView JPM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView JPM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of JPM files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24011.
Published: 2024-11-22T20:50:38.178Z
Updated: 2024-11-22T21:35:45.493Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11515 |
vulnerable | 2026-06-03 14:54:14.334297 |
IrfanView JPM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView JPM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of JPM files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24010.
Published: 2024-11-22T20:50:29.047Z
Updated: 2024-11-22T21:35:45.355Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11514 |
vulnerable | 2026-06-03 14:54:14.333878 |
IrfanView ECW File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView ECW File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of ECW files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23975.
Published: 2024-11-22T20:50:33.108Z
Updated: 2024-11-22T21:45:53.153Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11513 |
vulnerable | 2026-06-03 14:54:14.332642 |
IrfanView ECW File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
HIGH (7.8)
IrfanView ECW File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of ECW files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23971.
Published: 2024-11-22T20:50:41.789Z
Updated: 2024-11-22T21:45:52.968Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.