CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,998 vulnerabilities with CWE-119
CVE-2017-9535 HIGH
IrfanView 4.44 (32bit) -FPX Plugin 4.46 - RCE
CVSS 7.8
CVE-2017-9534 HIGH
IrfanView 4.44 (32bit) -FPX Plugin 4.46 - RCE
CVSS 7.8
CVE-2017-9533 HIGH
IrfanView 4.44 (32bit) -FPX Plugin 4.46 - RCE
CVSS 7.8
CVE-2017-9532 HIGH
IrfanView 4.44 (32bit) - FPX Plugin 4.46 - RCE
CVSS 7.8
CVE-2017-9531 HIGH
IrfanView 4.44 (32bit) - FPX Plugin 4.46 - RCE
CVSS 7.8
CVE-2017-9530 HIGH
IrfanView 4.44 - Denial of Service or Remote Code Execution via Crafted File
CVSS 7.8
CVE-2017-9529 HIGH
XnView Classic for Windows <2.40 - RCE
CVSS 7.8
CVE-2017-9528 HIGH
IrfanView 4.44 (32bit) - FPX Plugin 4.46 - RCE
CVSS 7.8
CVE-2017-8826 HIGH
FastStone Image Viewer 6.2 - Denial of Service via Malformed JPEG File
CVSS 7.8
CVE-2017-8803 HIGH
Notepad++ Hex Editor Plugin 0.9.5 - Remote Code Execution via Crafted File
CVSS 7.8
CVE-2017-8785 HIGH
FastStone Image Viewer 6.2 - Denial of Service via Malformed JPEG 2000 File
CVSS 7.8
CVE-2017-8781 HIGH
XnView Classic 2.40 - Remote Code Execution via Crafted JPEG 2000 File
CVSS 7.8
CVE-2017-8766 HIGH
IrfanView 4.44 - Remote Code Execution via Crafted .mov File
CVSS 7.8
CVE-2017-8420 MEDIUM
SWFTools 2013-04-09-1007 - Denial of Service via Malformed TTF File in font2swf
CVSS 6.5
CVE-2017-8387 MEDIUM
STDU Viewer 1.6.375 - Remote Code Execution via Crafted File
CVSS 5.5
CVE-2017-8381 HIGH
XnView Classic 2.40 - Remote Code Execution via Crafted MKV File
CVSS 7.8
CVE-2017-8370 HIGH
IrfanView FPX Plugin - Heap Corruption via FlashPix File Processing
CVSS 7.8
CVE-2017-8369 HIGH
IrfanView 4.44 - Remote Code Execution via Crafted File
CVSS 7.8
CVE-2017-8368 HIGH
Sublime Text 3 Build 3126 - Denial of Service via Crafted .mkv File
CVSS 7.8
CVE-2017-8282 HIGH
XnView Classic 2.40 - Remote Code Execution via Crafted MOV File
CVSS 7.8
CVE-2017-10926 HIGH
IrfanView 4.44 with FPX Plugin 4.47 - Denial of Service via Crafted FPX File
CVSS 7.8
CVE-2017-10925 HIGH
IrfanView 4.44 with FPX Plugin 4.47 - Denial of Service via Crafted FPX File
CVSS 7.8
CVE-2017-10924 HIGH
IrfanView 4.44 with FPX Plugin 4.47 - Remote Code Execution via Crafted FPX File
CVSS 7.8
CVE-2017-10783 HIGH
XnView Classic 2.40 - Denial of Service via Crafted RLE File
CVSS 7.8
CVE-2017-10782 HIGH
XnView Classic 2.40 - Denial of Service via Crafted RLE File
CVSS 7.8
Details
Vulnerabilities 13,998
Exploit Likelihood High