SB2017062121 - Multiple vulnerabilities in IrfanView
Published: June 21, 2017 Updated: August 8, 2020
Description
This security bulletin contains information about 13 security vulnerabilities.
1) Buffer overflow (CVE-ID: CVE-2017-15264)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
IrfanView version 4.44 (32bit) allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at image00000000_00400000+0x00000000000236e4."
2) Buffer overflow (CVE-ID: CVE-2017-14693)
The vulnerability allows a local authenticated user to execute arbitrary code.
IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address controls Branch Selection starting at DJVU!GetPlugInInfo+0x000000000001c613."
3) Buffer overflow (CVE-ID: CVE-2017-14578)
The vulnerability allows a local authenticated user to execute arbitrary code.
IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .ani file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77130000!RtlpCoalesceFreeBlocks+0x00000000000004b4."
4) Buffer overflow (CVE-ID: CVE-2017-14539)
The vulnerability allows a local authenticated user to execute arbitrary code.
IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selection starting at image00000000_00400000+0x000000000011d767."
5) Buffer overflow (CVE-ID: CVE-2017-14540)
The vulnerability allows a local authenticated user to execute arbitrary code.
IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .svg file, related to "Data from Faulting Address controls Branch Selection starting at CADIMAGE+0x000000000001f23e."
6) Buffer overflow (CVE-ID: CVE-2017-8766)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
IrfanView version 4.44 (32bit) allows remote attackers to execute code via a crafted .mov file, because of a "User Mode Write AV near NULL" issue.
7) Buffer overflow (CVE-ID: CVE-2017-8369)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
IrfanView version 4.44 (32bit) has a "Data from Faulting Address controls Branch Selection starting at USER32!wvsprintfA+0x00000000000002f3" issue, which might allow attackers to execute arbitrary code via a crafted file.
8) Buffer overflow (CVE-ID: CVE-2017-10730)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
IrfanView version 4.44 (32bit) allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at FORMATS!GetPlugInInfo+0x0000000000007d96."
9) Buffer overflow (CVE-ID: CVE-2017-10732)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpAllocateHeap+0x0000000000000429."
10) Buffer overflow (CVE-ID: CVE-2017-10733)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpEnterCriticalSectionContended+0x0000000000000031."
11) Buffer overflow (CVE-ID: CVE-2017-10734)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to an "Invalid Handle starting at wow64!Wow64NotifyDebugger+0x000000000000001d."
12) Buffer overflow (CVE-ID: CVE-2017-10735)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
IrfanView version 4.44 (32bit) might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpFreeHeap+0x00000000000003ca."
13) Integer overflow (CVE-ID: CVE-2017-2813)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
An exploitable integer overflow vulnerability exists in the JPEG 2000 parser functionality of IrfanView 4.44. A specially crafted JPEG 2000 image can cause an integer overflow leading to wrong memory allocation, resulting in arbitrary code execution. The vulnerability can be triggered by viewing the image in the application or by using the thumbnailing feature of IrfanView.
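Added example, not code from this bulletin, Talos or IrfanView: the bug class in item 13 (a buffer size computed from header fields wraps, so the allocation is too small) shown on the geometry fields of a JPEG 2000 SIZ segment, beside a checked form that rejects the file. The bulletin does not say which fields the real flaw involves; the use of Xsiz/Ysiz/Csiz, one byte per sample, the 1 GiB cap and all function names are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t be32(const uint8_t *p) { return ((uint32_t)be16(p) << 16) | be16(p + 2); }

/* The defect class: a 32-bit product that silently wraps modulo 2^32. */
uint32_t unchecked_size32(uint32_t w, uint32_t h, uint32_t comps) { return w * h * comps; }

/* Hardened form: widen to 64 bits, then reject anything over the caller's cap. */
int checked_size(uint32_t w, uint32_t h, uint32_t comps, size_t limit, size_t *out) {
    if (w == 0 || h == 0 || comps == 0) return -1;
    uint64_t pixels = (uint64_t)w * h;          /* below 2^64, cannot wrap */
    if (pixels > limit / comps) return -1;      /* pixels * comps would exceed limit */
    *out = (size_t)(pixels * comps);
    return 0;
}

/* Read geometry from SOC (FF4F) + SIZ (FF51) and size the output buffer safely.
   Assumes one byte per sample; returns 0 on success, -1 if the header is rejected. */
int j2k_decoded_size(const uint8_t *cs, size_t len, size_t limit, size_t *out) {
    if (len < 42 || be16(cs) != 0xFF4F || be16(cs + 2) != 0xFF51) return -1;
    uint32_t xsiz = be32(cs + 8), ysiz = be32(cs + 12), xo = be32(cs + 16), yo = be32(cs + 20);
    uint32_t lsiz = be16(cs + 4), csiz = be16(cs + 40);
    if (lsiz != 38 + 3 * csiz || len < 4 + (size_t)lsiz) return -1; /* Lsiz must match Csiz */
    if (xo >= xsiz || yo >= ysiz) return -1;    /* image offset must lie inside the grid */
    return checked_size(xsiz - xo, ysiz - yo, csiz, limit, out);
}

/* Constructed sample input: minimal SOC+SIZ header, zero offsets, comps components. */
size_t make_header(uint8_t *b, uint32_t w, uint32_t h, uint16_t comps) {
    size_t n = 42 + 3u * comps;
    memset(b, 0, n);
    b[0] = 0xFF; b[1] = 0x4F; b[2] = 0xFF; b[3] = 0x51;
    b[4] = (uint8_t)((n - 4) >> 8); b[5] = (uint8_t)(n - 4);
    for (int i = 0; i < 4; i++) {
        b[8 + i]  = (uint8_t)(w >> (24 - 8 * i));
        b[12 + i] = (uint8_t)(h >> (24 - 8 * i));
    }
    b[40] = (uint8_t)(comps >> 8); b[41] = (uint8_t)comps;
    return n;
}

int main(void) {
    uint8_t buf[64]; size_t sz = 0, n = make_header(buf, 65537u, 65536u, 1);
    printf("wrapped 32-bit size: %u\n", (unsigned)unchecked_size32(65537u, 65536u, 1u));
    printf("checked parse result: %d\n", j2k_decoded_size(buf, n, (size_t)1 << 30, &sz));
    return 0;
}
```

With the constructed 65537 x 65536 header, the unchecked product wraps to 65536 bytes for an image of roughly 4 GiB, while the checked parser rejects the file before any allocation.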
Remediation
Install update from vendor's website.
References
- https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-15264
- http://www.irfanview.net/main_history.htm
- https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14693
- https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14578
- https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14539
- https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-14540
- https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-8766
- http://www.irfanview.com/plugins.htm
- https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-8369
- https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10730
- https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10732
- https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10733
- https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10734
- https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10735
- http://www.securityfocus.com/bid/98046
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0310