Search

Find a vulnerability

Search criteria

    10 vulnerabilities found for formats by irfanview

    CVE-2024-5877 (GCVE-0-2024-5877)

    Vulnerability from nvd – Published: 2024-11-22 20:05 – Updated: 2024-11-22 21:55
    VLAI
    Title
    IrfanView PIC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
    Summary
    IrfanView PIC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PIC files. The issue results from the lack of proper validation of user-supplied data, which can result in a write before the start of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23974.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    IrfanView IrfanView Affected: 4.67 64bit
    Create a notification for this product.
    irfanview irfanview Affected: 4.67 , < 4.70 (custom)
        cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-06-12 20:27
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "irfanview",
                "vendor": "irfanview",
                "versions": [
                  {
                    "lessThan": "4.70",
                    "status": "affected",
                    "version": "4.67",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-5877",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-22T21:19:51.554962Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-22T21:55:50.308Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "IrfanView",
              "vendor": "IrfanView",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.67 64bit"
                }
              ]
            }
          ],
          "dateAssigned": "2024-06-11T16:23:08.108Z",
          "datePublic": "2024-06-12T20:27:13.318Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IrfanView PIC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PIC files. The issue results from the lack of proper validation of user-supplied data, which can result in a write before the start of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23974."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-22T20:05:38.750Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-24-666",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-666/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "IrfanView PIC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2024-5877",
        "datePublished": "2024-11-22T20:05:38.750Z",
        "dateReserved": "2024-06-11T16:23:08.047Z",
        "dateUpdated": "2024-11-22T21:55:50.308Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-5876 (GCVE-0-2024-5876)

    Vulnerability from nvd – Published: 2024-11-22 20:05 – Updated: 2024-11-22 21:55
    VLAI
    Title
    IrfanView PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
    Summary
    IrfanView PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23973.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    IrfanView IrfanView Affected: 4.67 64bit
    Create a notification for this product.
    irfanview irfanview Affected: 4.67 , < 4.70 (custom)
        cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-06-12 20:27
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "irfanview",
                "vendor": "irfanview",
                "versions": [
                  {
                    "lessThan": "4.70",
                    "status": "affected",
                    "version": "4.67",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-5876",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-22T21:19:53.147604Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-22T21:55:50.197Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "IrfanView",
              "vendor": "IrfanView",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.67 64bit"
                }
              ]
            }
          ],
          "dateAssigned": "2024-06-11T16:22:51.637Z",
          "datePublic": "2024-06-12T20:27:38.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IrfanView PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PSP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23973."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122: Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-22T20:05:37.770Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-24-669",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-669/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "IrfanView PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2024-5876",
        "datePublished": "2024-11-22T20:05:37.770Z",
        "dateReserved": "2024-06-11T16:22:51.592Z",
        "dateUpdated": "2024-11-22T21:55:50.197Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-5875 (GCVE-0-2024-5875)

    Vulnerability from nvd – Published: 2024-11-22 20:05 – Updated: 2024-11-22 21:55
    VLAI
    Title
    IrfanView SHP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
    Summary
    IrfanView SHP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SHP files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23972.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    IrfanView IrfanView Affected: 4.67 64bit
    Create a notification for this product.
    irfanview irfanview Affected: 4.67 , < 4.70 (custom)
        cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-06-12 20:27
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "irfanview",
                "vendor": "irfanview",
                "versions": [
                  {
                    "lessThan": "4.70",
                    "status": "affected",
                    "version": "4.67",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-5875",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-22T21:19:55.127501Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-22T21:55:50.061Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "IrfanView",
              "vendor": "IrfanView",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.67 64bit"
                }
              ]
            }
          ],
          "dateAssigned": "2024-06-11T16:22:27.547Z",
          "datePublic": "2024-06-12T20:27:29.517Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IrfanView SHP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of SHP files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23972."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-22T20:05:36.683Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-24-668",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-668/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "IrfanView SHP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2024-5875",
        "datePublished": "2024-11-22T20:05:36.683Z",
        "dateReserved": "2024-06-11T16:22:27.499Z",
        "dateUpdated": "2024-11-22T21:55:50.061Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-5874 (GCVE-0-2024-5874)

    Vulnerability from nvd – Published: 2024-11-22 20:05 – Updated: 2024-11-22 21:55
    VLAI
    Title
    IrfanView PNT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
    Summary
    IrfanView PNT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PNT files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23969.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    IrfanView IrfanView Affected: 4.67 64bit
    Create a notification for this product.
    irfanview irfanview Affected: 4.67 , < 4.70 (custom)
        cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-06-12 20:27
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "irfanview",
                "vendor": "irfanview",
                "versions": [
                  {
                    "lessThan": "4.70",
                    "status": "affected",
                    "version": "4.67",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-5874",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-22T21:19:56.531236Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-22T21:55:49.938Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "IrfanView",
              "vendor": "IrfanView",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.67 64bit"
                }
              ]
            }
          ],
          "dateAssigned": "2024-06-11T16:22:11.514Z",
          "datePublic": "2024-06-12T20:27:21.399Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IrfanView PNT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PNT files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23969."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-22T20:05:35.679Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-24-667",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-667/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "IrfanView PNT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2024-5874",
        "datePublished": "2024-11-22T20:05:35.679Z",
        "dateReserved": "2024-06-11T16:22:11.464Z",
        "dateUpdated": "2024-11-22T21:55:49.938Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-0197 (GCVE-0-2009-0197)

    Vulnerability from nvd – Published: 2009-04-09 15:00 – Updated: 2024-08-07 04:24
    VLAI
    Summary
    Integer overflow in the FORMATS Plugin before 4.23 for IrfanView allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large XPM file that triggers a heap-based buffer overflow.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2009/0953 vdb-entryx_refsource_VUPEN
    http://www.irfanview.com/plugins.htm x_refsource_CONFIRM
    http://www.securityfocus.com/bid/34402 vdb-entryx_refsource_BID
    http://www.osvdb.org/53323 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/34525 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/secunia_research/2009-20/ x_refsource_MISC
    http://www.securityfocus.com/archive/1/502516/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2009-04-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T04:24:18.184Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "irfanview-formatsplugin-xpm-bo(49717)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49717"
              },
              {
                "name": "ADV-2009-0953",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/0953"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.irfanview.com/plugins.htm"
              },
              {
                "name": "34402",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/34402"
              },
              {
                "name": "53323",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/53323"
              },
              {
                "name": "34525",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34525"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://secunia.com/secunia_research/2009-20/"
              },
              {
                "name": "20090407 Secunia Research: IrfanView Formats Plug-in XPM Parsing Integer Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/502516/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-04-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in the FORMATS Plugin before 4.23 for IrfanView allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large XPM file that triggers a heap-based buffer overflow."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-11T19:57:01.000Z",
            "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
            "shortName": "flexera"
          },
          "references": [
            {
              "name": "irfanview-formatsplugin-xpm-bo(49717)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49717"
            },
            {
              "name": "ADV-2009-0953",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/0953"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.irfanview.com/plugins.htm"
            },
            {
              "name": "34402",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/34402"
            },
            {
              "name": "53323",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/53323"
            },
            {
              "name": "34525",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34525"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://secunia.com/secunia_research/2009-20/"
            },
            {
              "name": "20090407 Secunia Research: IrfanView Formats Plug-in XPM Parsing Integer Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/502516/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
              "ID": "CVE-2009-0197",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Integer overflow in the FORMATS Plugin before 4.23 for IrfanView allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large XPM file that triggers a heap-based buffer overflow."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "irfanview-formatsplugin-xpm-bo(49717)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49717"
                },
                {
                  "name": "ADV-2009-0953",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/0953"
                },
                {
                  "name": "http://www.irfanview.com/plugins.htm",
                  "refsource": "CONFIRM",
                  "url": "http://www.irfanview.com/plugins.htm"
                },
                {
                  "name": "34402",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/34402"
                },
                {
                  "name": "53323",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/53323"
                },
                {
                  "name": "34525",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34525"
                },
                {
                  "name": "http://secunia.com/secunia_research/2009-20/",
                  "refsource": "MISC",
                  "url": "http://secunia.com/secunia_research/2009-20/"
                },
                {
                  "name": "20090407 Secunia Research: IrfanView Formats Plug-in XPM Parsing Integer Overflow",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/502516/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "assignerShortName": "flexera",
        "cveId": "CVE-2009-0197",
        "datePublished": "2009-04-09T15:00:00.000Z",
        "dateReserved": "2009-01-20T00:00:00.000Z",
        "dateUpdated": "2024-08-07T04:24:18.184Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-5877 (GCVE-0-2024-5877)

    Vulnerability from cvelistv5 – Published: 2024-11-22 20:05 – Updated: 2024-11-22 21:55
    VLAI
    Title
    IrfanView PIC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
    Summary
    IrfanView PIC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PIC files. The issue results from the lack of proper validation of user-supplied data, which can result in a write before the start of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23974.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    IrfanView IrfanView Affected: 4.67 64bit
    Create a notification for this product.
    irfanview irfanview Affected: 4.67 , < 4.70 (custom)
        cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-06-12 20:27
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "irfanview",
                "vendor": "irfanview",
                "versions": [
                  {
                    "lessThan": "4.70",
                    "status": "affected",
                    "version": "4.67",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-5877",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-22T21:19:51.554962Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-22T21:55:50.308Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "IrfanView",
              "vendor": "IrfanView",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.67 64bit"
                }
              ]
            }
          ],
          "dateAssigned": "2024-06-11T16:23:08.108Z",
          "datePublic": "2024-06-12T20:27:13.318Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IrfanView PIC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PIC files. The issue results from the lack of proper validation of user-supplied data, which can result in a write before the start of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23974."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-22T20:05:38.750Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-24-666",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-666/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "IrfanView PIC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2024-5877",
        "datePublished": "2024-11-22T20:05:38.750Z",
        "dateReserved": "2024-06-11T16:23:08.047Z",
        "dateUpdated": "2024-11-22T21:55:50.308Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-5876 (GCVE-0-2024-5876)

    Vulnerability from cvelistv5 – Published: 2024-11-22 20:05 – Updated: 2024-11-22 21:55
    VLAI
    Title
    IrfanView PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
    Summary
    IrfanView PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23973.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    IrfanView IrfanView Affected: 4.67 64bit
    Create a notification for this product.
    irfanview irfanview Affected: 4.67 , < 4.70 (custom)
        cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-06-12 20:27
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "irfanview",
                "vendor": "irfanview",
                "versions": [
                  {
                    "lessThan": "4.70",
                    "status": "affected",
                    "version": "4.67",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-5876",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-22T21:19:53.147604Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-22T21:55:50.197Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "IrfanView",
              "vendor": "IrfanView",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.67 64bit"
                }
              ]
            }
          ],
          "dateAssigned": "2024-06-11T16:22:51.637Z",
          "datePublic": "2024-06-12T20:27:38.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IrfanView PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PSP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23973."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122: Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-22T20:05:37.770Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-24-669",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-669/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "IrfanView PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2024-5876",
        "datePublished": "2024-11-22T20:05:37.770Z",
        "dateReserved": "2024-06-11T16:22:51.592Z",
        "dateUpdated": "2024-11-22T21:55:50.197Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-5875 (GCVE-0-2024-5875)

    Vulnerability from cvelistv5 – Published: 2024-11-22 20:05 – Updated: 2024-11-22 21:55
    VLAI
    Title
    IrfanView SHP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
    Summary
    IrfanView SHP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SHP files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23972.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    IrfanView IrfanView Affected: 4.67 64bit
    Create a notification for this product.
    irfanview irfanview Affected: 4.67 , < 4.70 (custom)
        cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-06-12 20:27
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "irfanview",
                "vendor": "irfanview",
                "versions": [
                  {
                    "lessThan": "4.70",
                    "status": "affected",
                    "version": "4.67",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-5875",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-22T21:19:55.127501Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-22T21:55:50.061Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "IrfanView",
              "vendor": "IrfanView",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.67 64bit"
                }
              ]
            }
          ],
          "dateAssigned": "2024-06-11T16:22:27.547Z",
          "datePublic": "2024-06-12T20:27:29.517Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IrfanView SHP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of SHP files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23972."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-22T20:05:36.683Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-24-668",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-668/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "IrfanView SHP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2024-5875",
        "datePublished": "2024-11-22T20:05:36.683Z",
        "dateReserved": "2024-06-11T16:22:27.499Z",
        "dateUpdated": "2024-11-22T21:55:50.061Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-5874 (GCVE-0-2024-5874)

    Vulnerability from cvelistv5 – Published: 2024-11-22 20:05 – Updated: 2024-11-22 21:55
    VLAI
    Title
    IrfanView PNT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
    Summary
    IrfanView PNT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PNT files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23969.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    IrfanView IrfanView Affected: 4.67 64bit
    Create a notification for this product.
    irfanview irfanview Affected: 4.67 , < 4.70 (custom)
        cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-06-12 20:27
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "irfanview",
                "vendor": "irfanview",
                "versions": [
                  {
                    "lessThan": "4.70",
                    "status": "affected",
                    "version": "4.67",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-5874",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-22T21:19:56.531236Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-22T21:55:49.938Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "IrfanView",
              "vendor": "IrfanView",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.67 64bit"
                }
              ]
            }
          ],
          "dateAssigned": "2024-06-11T16:22:11.514Z",
          "datePublic": "2024-06-12T20:27:21.399Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IrfanView PNT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PNT files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23969."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-22T20:05:35.679Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "name": "ZDI-24-667",
              "tags": [
                "x_research-advisory"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-667/"
            }
          ],
          "source": {
            "lang": "en",
            "value": "Anonymous"
          },
          "title": "IrfanView PNT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2024-5874",
        "datePublished": "2024-11-22T20:05:35.679Z",
        "dateReserved": "2024-06-11T16:22:11.464Z",
        "dateUpdated": "2024-11-22T21:55:49.938Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-0197 (GCVE-0-2009-0197)

    Vulnerability from cvelistv5 – Published: 2009-04-09 15:00 – Updated: 2024-08-07 04:24
    VLAI
    Summary
    Integer overflow in the FORMATS Plugin before 4.23 for IrfanView allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large XPM file that triggers a heap-based buffer overflow.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2009/0953 vdb-entryx_refsource_VUPEN
    http://www.irfanview.com/plugins.htm x_refsource_CONFIRM
    http://www.securityfocus.com/bid/34402 vdb-entryx_refsource_BID
    http://www.osvdb.org/53323 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/34525 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/secunia_research/2009-20/ x_refsource_MISC
    http://www.securityfocus.com/archive/1/502516/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2009-04-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T04:24:18.184Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "irfanview-formatsplugin-xpm-bo(49717)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49717"
              },
              {
                "name": "ADV-2009-0953",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/0953"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.irfanview.com/plugins.htm"
              },
              {
                "name": "34402",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/34402"
              },
              {
                "name": "53323",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/53323"
              },
              {
                "name": "34525",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34525"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://secunia.com/secunia_research/2009-20/"
              },
              {
                "name": "20090407 Secunia Research: IrfanView Formats Plug-in XPM Parsing Integer Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/502516/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-04-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in the FORMATS Plugin before 4.23 for IrfanView allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large XPM file that triggers a heap-based buffer overflow."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-11T19:57:01.000Z",
            "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
            "shortName": "flexera"
          },
          "references": [
            {
              "name": "irfanview-formatsplugin-xpm-bo(49717)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49717"
            },
            {
              "name": "ADV-2009-0953",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/0953"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.irfanview.com/plugins.htm"
            },
            {
              "name": "34402",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/34402"
            },
            {
              "name": "53323",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/53323"
            },
            {
              "name": "34525",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34525"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://secunia.com/secunia_research/2009-20/"
            },
            {
              "name": "20090407 Secunia Research: IrfanView Formats Plug-in XPM Parsing Integer Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/502516/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
              "ID": "CVE-2009-0197",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Integer overflow in the FORMATS Plugin before 4.23 for IrfanView allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large XPM file that triggers a heap-based buffer overflow."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "irfanview-formatsplugin-xpm-bo(49717)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49717"
                },
                {
                  "name": "ADV-2009-0953",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/0953"
                },
                {
                  "name": "http://www.irfanview.com/plugins.htm",
                  "refsource": "CONFIRM",
                  "url": "http://www.irfanview.com/plugins.htm"
                },
                {
                  "name": "34402",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/34402"
                },
                {
                  "name": "53323",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/53323"
                },
                {
                  "name": "34525",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34525"
                },
                {
                  "name": "http://secunia.com/secunia_research/2009-20/",
                  "refsource": "MISC",
                  "url": "http://secunia.com/secunia_research/2009-20/"
                },
                {
                  "name": "20090407 Secunia Research: IrfanView Formats Plug-in XPM Parsing Integer Overflow",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/502516/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "assignerShortName": "flexera",
        "cveId": "CVE-2009-0197",
        "datePublished": "2009-04-09T15:00:00.000Z",
        "dateReserved": "2009-01-20T00:00:00.000Z",
        "dateUpdated": "2024-08-07T04:24:18.184Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }