6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.9 High
AI Score
Confidence
High
0.009 Low
EPSS
Percentile
82.8%
Multiple serious vulnerabilities have been found in IrfanView 4.44. Malicious users can exploit these vulnerabilities to cause a denial of service or execute arbitrary code.
Below is a complete list of vulnerabilities:
Technical details
Vulnerability (1) occurs while viewing image in IrfanView or by using its thumbnailing feature.
Vulnerabilities (2) are related to:
Vulnerabilities (3) are related to:
“User Mode Write AV starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000a529.”
“Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000b3ae.”
“Read Access Violation starting at wow64!Wow64NotifyDebugger+0x000000000000001d.”
“User Mode Write AV starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000a529.”
“Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000b3ae.”
“Read Access Violation starting at wow64!Wow64NotifyDebugger+0x000000000000001d.”
Vulnerability (6) exists because of a User Mode Write AV near NULL.
Vulnerabilities (7) are related to:
“User Mode Write AV starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000000f53.”
“User Mode Write AV starting at FPX+0x000000000000176c.”
“User Mode Write AV starting at FPX+0x0000000000001555.”
“User Mode Write AV starting at FPX!DE_Decode+0x0000000000000a9b.”
“User Mode Write AV starting at FPX!GetPlugInInfo+0x0000000000017426.”
“User Mode Write AV starting at FPX!GetPlugInInfo+0x0000000000016e53.”
“Read Access Violation on Control Flow starting at FPX!FPX_GetScanDevicePropertyGroup+0x00000000000014eb.”
“Read Access Violation on Control Flow starting at FPX!GetPlugInInfo+0x0000000000012bf2.”
“User Mode Write AV starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000007822.”
“User Mode Write AV starting at FPX!DE_Decode+0x0000000000000cdb.”
“Data from Faulting Address controls Code Flow starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000c995.”
“Data from Faulting Address controls Code Flow starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000c998.”
“Read Access Violation on Control Flow starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000c99a.”
“Data from Faulting Address controls subsequent Write Address starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000a525.”
“Data from Faulting Address controls Code Flow starting at FPX+0x0000000000007236.”
“Data from Faulting Address controls Code Flow starting at FPX!FPX_GetScanDevicePropertyGroup+0x00000000000014e7.”
“Read Access Violation on Block Data Move starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000b84f.”
Data from Faulting Address controls Code Flow starting at FPX+0x0000000000007216
“Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpCoalesceFreeBlocks+0x00000000000001b6.”
“Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000006a98.”
“Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpLowFragHeapFree+0x000000000000001f.”
“Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FPX+0x000000000000688d.”
“Data from Faulting Address controls Branch Selection starting at FPX!FPX_GetScanDevicePropertyGroup+0x00000000000031a0.”
“Read Access Violation starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000003714.”
“Read Access Violation starting at FPX+0x000000000000153a.”
“Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000007053.”
“Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpFreeHeap+0x0000000000000393.”
Vulnerabilities (9) are related to:
“Read Access Violation on Block Data Move starting at ntdll_77df0000!memcpy+0x0000000000000033.”
“Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlFreeHandle+0x00000000000001b6.”
“Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at ntdll_77df0000!RtlFreeHandle+0x0000000000000218.”
“Data from Faulting Address controls Branch Selection starting at.” KERNELBASE!QueryOptionalDelayLoadedAPI+0x0000000000000c42.”
“Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpResCompareResourceNames+0x0000000000000087.”
“Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpResSearchResourceInsideDirectory+0x000000000000029e.”
“Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpResGetMappingSize+0x00000000000003cc.”
“Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpCompareResourceNames_U+0x0000000000000062.”
Vulnerabilities (10) are related to:
“Data from Faulting Address controls Branch Selection starting at image00000000_00400000+0x000000000011d767.”
“Data from Faulting Address controls Branch Selection starting at CADIMAGE+0x000000000001f23e.”
Vulnerability (11) related to “Data from Faulting Address controls Branch Selection starting at ntdll_77130000!RtlpCoalesceFreeBlocks+0x00000000000004b4.”
Vulnerability (12) related to “Data from Faulting Address controls Branch Selection starting at DJVU!GetPlugInInfo+0x000000000001c613.”
Vulnerabilities 10-12 affect only 32-bit version of IrfanView.
Vulnerability (13) related to:
“Data from Faulting Address controls Code Flow starting at PDF!xmlParserInputRead+0x000000000009174a.”
“Read Access Violation starting at PDF!xmlParserInputRead+0x0000000000161a9c.”
“Data from Faulting Address controls Branch Selection starting at PDF!xmlParserInputRead+0x000000000011624a.”
“Data from Faulting Address may be used as a return value starting at PDF!xmlParserInputRead+0x0000000000129a59.”
“Possible Stack Corruption starting at PDF!xmlGetGlobalState+0x0000000000057b35.”
“Data from Faulting Address controls Code Flow starting at PDF!xmlParserInputRead+0x0000000000048d0c.”
“Data from Faulting Address controls Branch Selection starting at PDF!xmlListWalk+0x00000000000166c4.”
Vulnerability (14) related to:
“Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at image00000000_00400000+0x00000000000236e4.”
NB: Not every vulnerability already has CVSS rating, so cumulative CVSS rating can be not representative.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
CVE-2017-15239 high
CVE-2017-15240 high
CVE-2017-15241 high
CVE-2017-15242 high
CVE-2017-15243 high
CVE-2017-15244 high
CVE-2017-15245 high
CVE-2017-15246 high
CVE-2017-15247 high
CVE-2017-15248 high
CVE-2017-15249 high
CVE-2017-15250 high
CVE-2017-15251 high
CVE-2017-15252 high
CVE-2017-15253 high
CVE-2017-15254 high
CVE-2017-15255 high
CVE-2017-15256 high
CVE-2017-15257 high
CVE-2017-15258 high
CVE-2017-15259 high
CVE-2017-15260 high
CVE-2017-15261 high
CVE-2017-15262 high
CVE-2017-15263 high
CVE-2017-15264 high
CVE-2017-10924 high
CVE-2017-14693 warning
CVE-2017-10926 high
CVE-2017-14578 warning
CVE-2017-8369 high
CVE-2017-8370 high
CVE-2017-8766 high
CVE-2017-9534 high
CVE-2017-9528 high
CVE-2017-9530 warning
CVE-2017-9531 high
CVE-2017-9532 high
CVE-2017-9533 high
CVE-2017-2813 high
CVE-2017-9535 high
CVE-2017-9536 high
CVE-2017-9873 high
CVE-2017-9874 high
CVE-2017-9875 high
CVE-2017-9876 high
CVE-2017-9877 high
CVE-2017-9878 high
CVE-2017-9879 high
CVE-2017-9880 high
CVE-2017-9881 high
CVE-2017-9882 high
CVE-2017-9883 high
CVE-2017-9884 high
CVE-2017-9885 high
CVE-2017-9886 high
CVE-2017-9887 high
CVE-2017-9888 high
CVE-2017-9889 high
CVE-2017-9890 high
CVE-2017-9891 high
CVE-2017-9892 high
CVE-2017-14539 warning
CVE-2017-14540 warning
CVE-2017-10729 high
CVE-2017-10730 high
CVE-2017-10731 high
CVE-2017-10732 high
CVE-2017-10733 high
CVE-2017-10734 high
CVE-2017-10735 high
CVE-2017-10925 high
CVE-2017-9915 high
CVE-2017-9916 warning
CVE-2017-9917 warning
CVE-2017-9918 warning
CVE-2017-9919 warning
CVE-2017-9920 warning
CVE-2017-9921 warning
CVE-2017-9922 warning
Update to the latest version
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.9 High
AI Score
Confidence
High
0.009 Low
EPSS
Percentile
82.8%