Kaspersky ID:
KLA11205
Detect Date:
10/22/2017
Updated:
01/22/2024

Description

Multiple serious vulnerabilities have been found in IrfanView 4.50. Malicious users can exploit these vulnerabilities to cause a denial of service or execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. A buffer overflow vulnerability can be exploited locally via a specially crafted *.dds file to cause a denial of service;
  2. A buffer overflow vulnerability can be exploited locally via a specially crafted *.tif file to cause a denial of service;
  3. Multiple buffer overflow vulnerabilities can be exploited locally via a specially crafted *.dwg file to cause a denial of service or execute arbitrary code.

Original advisories

Related products

CVE list

  • CVE-2017-15737
    high
  • CVE-2017-15738
    high
  • CVE-2017-15739
    high
  • CVE-2017-15740
    high
  • CVE-2017-15741
    high
  • CVE-2017-15742
    high
  • CVE-2017-15743
    high
  • CVE-2017-15744
    high
  • CVE-2017-15745
    high
  • CVE-2017-15746
    high
  • CVE-2017-15747
    high
  • CVE-2017-15748
    high
  • CVE-2017-15749
    high
  • CVE-2017-15750
    high
  • CVE-2017-15751
    high
  • CVE-2017-15752
    high
  • CVE-2017-15753
    high
  • CVE-2017-15754
    high
  • CVE-2017-15755
    high
  • CVE-2017-15756
    high
  • CVE-2017-15757
    high
  • CVE-2017-15758
    high
  • CVE-2017-15759
    high
  • CVE-2017-15760
    high
  • CVE-2017-15761
    high
  • CVE-2017-15762
    high
  • CVE-2017-15763
    high
  • CVE-2017-15764
    high
  • CVE-2017-15765
    high
  • CVE-2017-15766
    high
  • CVE-2017-15767
    high
  • CVE-2017-15768
    high
  • CVE-2017-15769
    high

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com

Found an inaccuracy in the description of this vulnerability? Let us know!
Kaspersky Next
Let’s go Next: redefine your business’s cybersecurity
Learn more
New Kaspersky!
Your digital life deserves complete protection!
Learn more
Confirm changes?
Your message has been sent successfully.