moshekaplan - Security Researcher - Exploit Intelligence Platform

CVE-2021-29358 WRITEUP MEDIUM WRITEUP

IrfanView 4.57 - Denial of Service via Crafted PVR File

A buffer overflow vulnerability in FORMATS!ReadPVR_W+0xfa of Irfanview 4.57 allows attackers to cause a denial of service (DOS) via a crafted PVR file.

CVSS 5.5

View Code

CVE-2021-29360 WRITEUP HIGH WRITEUP

IrfanView 4.57 - Remote Code Execution via Crafted RLE File

A buffer overflow vulnerability in FORMATS!Read_Utah_RLE+0x37a of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.

CVSS 7.8

View Code

CVE-2021-29361 WRITEUP HIGH WRITEUP

IrfanView 4.57 - Out-of-bounds Write via Crafted RLE File

A buffer overflow vulnerability in FORMATS!Read_Utah_RLE+0x340 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.

CVSS 7.8

View Code

CVE-2021-29362 WRITEUP HIGH WRITEUP

IrfanView 4.57 - Out-of-bounds Write via Crafted RLE File

A buffer overflow vulnerability in FORMATS!ReadRAS_W+0xa30 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.

CVSS 7.8

View Code

CVE-2021-29363 WRITEUP HIGH WRITEUP

IrfanView 4.57 - Buffer Overflow via Crafted RLE File

A buffer overflow vulnerability in FORMATS!ReadRAS_W+0xa74 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.0xa74

CVSS 7.8

View Code

CVE-2021-29364 WRITEUP HIGH WRITEUP

IrfanView 4.57 - Out-of-bounds Write via Crafted RLE File

A buffer overflow vulnerability in Formats!ReadRAS_W+0x1001 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.

CVSS 7.8

View Code

CVE-2021-29365 WRITEUP MEDIUM WRITEUP

Irfanview 4.57 - Denial of Service via Crafted BMP File in EFFECTS!AutoCrop_W

Irfanview 4.57 is affected by an infinite loop when processing a crafted BMP file in the EFFECTS!AutoCrop_W component. This can cause a denial of service (DOS).

CVSS 5.5

View Code

CVE-2021-29366 WRITEUP HIGH WRITEUP

IrfanView 4.57 - Out-of-bounds Write via Crafted RLE File

A buffer overflow vulnerability in FORMATS!GetPlugInInfo+0x2de9 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.

CVSS 7.8

View Code

CVE-2021-29367 WRITEUP HIGH WRITEUP

IrfanView 4.57 - Out-of-bounds Write via Crafted WPG File

A buffer overflow vulnerability in WPG+0x1dda of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted WPG file.

CVSS 7.8

View Code