Search criteria
96 vulnerabilities found for fpx by irfanview
FKIE_CVE-2017-9888
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address controls Branch Selection starting at FPX!FPX_GetScanDevicePropertyGroup+0x00000000000031a0."
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| cve@mitre.org | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9888 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9888 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CB388CE0-44E9-4B29-9632-702F0FB98774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to \"Data from Faulting Address controls Branch Selection starting at FPX!FPX_GetScanDevicePropertyGroup+0x00000000000031a0.\""
},
{
"lang": "es",
"value": "IrfanView en su versi\u00f3n 4.44 (32bit) con el plugin FPX 4.46 permite a atacantes causar una denegaci\u00f3n de servicio o posiblemente tener otro impacto no especificado mediante un archivo .fpx manipulado, relacionado a \"Data from Faulting Address controls Branch Selection comenzando en FPX!FPX_GetScanDevicePropertyGroup+0x00000000000031a0.\""
}
],
"id": "CVE-2017-9888",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:04.107",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9888"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9888"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-9886
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpLowFragHeapFree+0x000000000000001f."
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| cve@mitre.org | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9886 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9886 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CB388CE0-44E9-4B29-9632-702F0FB98774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to \"Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpLowFragHeapFree+0x000000000000001f.\""
},
{
"lang": "es",
"value": "IrfanView en su versi\u00f3n 4.44 (32bit) con el plugin FPX 4.46 permite a atacantes causar una denegaci\u00f3n de servicio o posiblemente tener otro impacto no especificado mediante un archivo .fpx manipulado, relacionado a \"Data from Faulting Address controls Branch Selection comenzando en ntdll_77df0000!RtlpLowFragHeapFree+0x000000000000001f.\""
}
],
"id": "CVE-2017-9886",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:04.027",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9886"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9886"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-9887
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FPX+0x000000000000688d."
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| cve@mitre.org | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9887 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9887 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CB388CE0-44E9-4B29-9632-702F0FB98774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to \"Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FPX+0x000000000000688d.\""
},
{
"lang": "es",
"value": "IrfanView en su versi\u00f3n 4.44 (32bit) con el plugin FPX 4.46 permite a atacantes causar una denegaci\u00f3n de servicio o posiblemente tener otro impacto no especificado mediante un archivo .fpx manipulado, relacionado a \"Data from Faulting Address es usado como uno o mas argumentos en una subsecuencia Function Call comenzando en FPX+0x000000000000688d.\""
}
],
"id": "CVE-2017-9887",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:04.077",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9887"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9887"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-9889
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to a "Read Access Violation starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000003714."
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| cve@mitre.org | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9889 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9889 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CB388CE0-44E9-4B29-9632-702F0FB98774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to a \"Read Access Violation starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000003714.\""
},
{
"lang": "es",
"value": "IrfanView en su versi\u00f3n 4.44 (32bit) con el plugin FPX 4.46 permite a atacantes causar una denegaci\u00f3n de servicio o posiblemente tener otro impacto no especificado mediante un archivo .fpx manipulado, relacionado a \"Read Access Violation comenzando en FPX!FPX_GetScanDevicePropertyGroup+0x0000000000003714.\""
}
],
"id": "CVE-2017-9889",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:04.137",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9889"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9889"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-9890
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to a "Read Access Violation starting at FPX+0x000000000000153a."
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| cve@mitre.org | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9890 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9890 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CB388CE0-44E9-4B29-9632-702F0FB98774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to a \"Read Access Violation starting at FPX+0x000000000000153a.\""
},
{
"lang": "es",
"value": "IrfanView en su versi\u00f3n 4.44 (32bit) con el plugin FPX 4.46 permite a atacantes causar una denegaci\u00f3n de servicio o posiblemente tener otro impacto no especificado mediante un archivo .fpx manipulado, relacionado a \"Read Access Violation comenzando en FPX+0x000000000000153a.\""
}
],
"id": "CVE-2017-9890",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:04.187",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9890"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9890"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-9891
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000007053."
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| cve@mitre.org | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9891 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9891 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CB388CE0-44E9-4B29-9632-702F0FB98774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to \"Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000007053.\""
},
{
"lang": "es",
"value": "IrfanView en su versi\u00f3n 4.44 (32bit) con el plugin FPX 4.46 permite a atacantes causar una denegaci\u00f3n de servicio o posiblemente tener otro impacto no especificado mediante la manipulaci\u00f3n de un archivo .fpx, relacionado a \"Data from Faulting Address es used como uno o mas argumentos en una subsecuencia Function Call comenzando en FPX!FPX_GetScanDevicePropertyGroup+0x0000000000007053.\""
}
],
"id": "CVE-2017-9891",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:04.233",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9891"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9891"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-9892
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpFreeHeap+0x0000000000000393."
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| cve@mitre.org | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9892 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9892 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CB388CE0-44E9-4B29-9632-702F0FB98774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to \"Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpFreeHeap+0x0000000000000393.\""
},
{
"lang": "es",
"value": "IrfanView en su versi\u00f3n 4.44 (32bit) con el plugin FPX 4.46 permite a atacantes causar una denegaci\u00f3n de servicio o posiblemente tener otro impacto no especificado mediante la manipulaci\u00f3n de un archivo .fpx, relacionado a \"Data from Faulting Address controls Branch Selection comenzando en ntdll_77df0000!RtlpFreeHeap+0x0000000000000393.\""
}
],
"id": "CVE-2017-9892",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:04.263",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9892"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9892"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-9531
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX+0x000000000000176c."
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| cve@mitre.org | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9531 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9531 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CB388CE0-44E9-4B29-9632-702F0FB98774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a \"User Mode Write AV starting at FPX+0x000000000000176c.\""
},
{
"lang": "es",
"value": "IrfanView versi\u00f3n 4.44 (en 32 bits) con Plugin FPX versi\u00f3n 4.46, permite a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio por medio de un archivo .fpx especialmente dise\u00f1ado, relacionado a un \"User Mode Write AV starting at FPX+0x000000000000176c\"."
}
],
"id": "CVE-2017-9531",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:03.327",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9531"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9531"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-9536
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "Read Access Violation on Control Flow starting at FPX!FPX_GetScanDevicePropertyGroup+0x00000000000014eb."
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| cve@mitre.org | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9536 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9536 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CB388CE0-44E9-4B29-9632-702F0FB98774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a \"Read Access Violation on Control Flow starting at FPX!FPX_GetScanDevicePropertyGroup+0x00000000000014eb.\""
},
{
"lang": "es",
"value": "IrfanView versi\u00f3n 4.44 (en 32 bits) con Plugin FPX versi\u00f3n 4.46, permite a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio por medio de un archivo .fpx especialmente dise\u00f1ado, relacionado a una \"Read Access Violation on Control Flow starting at FPX!FPX_GetScanDevicePropertyGroup+0x00000000000014eb.\""
}
],
"id": "CVE-2017-9536",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:03.513",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9536"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9536"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-9877
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to "Data from Faulting Address controls Code Flow starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000c998."
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| cve@mitre.org | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9877 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9877 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CB388CE0-44E9-4B29-9632-702F0FB98774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to \"Data from Faulting Address controls Code Flow starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000c998.\""
},
{
"lang": "es",
"value": "IrfanView en su versi\u00f3n 4.44 (32bit) con el plugin FPX 4.46 permite a un atacante ejecutar c\u00f3digo aleatorio o causar una denegaci\u00f3n de servicio mediante un archivo .fpx manipulado, relacionado a \"datos de Faulting Address controls Code Flow comenzado en FPX!FPX_GetScanDevicePropertyGroup+0x000000000000c998.\""
}
],
"id": "CVE-2017-9877",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:03.717",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9877"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9877"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-9876
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to "Data from Faulting Address controls Code Flow starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000c995."
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| cve@mitre.org | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9876 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9876 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CB388CE0-44E9-4B29-9632-702F0FB98774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to \"Data from Faulting Address controls Code Flow starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000c995.\""
},
{
"lang": "es",
"value": "IrfanView en su versi\u00f3n 4.44 (32bit) con el plugin FPX 4.46 permite a atacantes ejecutar c\u00f3digo aleatorio o causar una denegaci\u00f3n de servicio mediante un archivo .fpx manipulado, relacionado a \"Data from Faulting Address controls Code Flow comenzando en FPX!FPX_GetScanDevicePropertyGroup+0x000000000000c995.\""
}
],
"id": "CVE-2017-9876",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:03.653",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9876"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9876"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-9875
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!DE_Decode+0x0000000000000cdb."
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| cve@mitre.org | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9875 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9875 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CB388CE0-44E9-4B29-9632-702F0FB98774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a \"User Mode Write AV starting at FPX!DE_Decode+0x0000000000000cdb.\""
},
{
"lang": "es",
"value": "IrfanView versi\u00f3n 4.44 (en 32 bits) con Plugin FPX versi\u00f3n 4.46, permite a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio por medio de un archivo .fpx especialmente dise\u00f1ado, relacionado a un \"User Mode Write AV starting at FPX!DE_Decode+0x0000000000000cdb.\""
}
],
"id": "CVE-2017-9875",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:03.607",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9875"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9875"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-9534
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!GetPlugInInfo+0x0000000000017426."
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| cve@mitre.org | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9534 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9534 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CB388CE0-44E9-4B29-9632-702F0FB98774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a \"User Mode Write AV starting at FPX!GetPlugInInfo+0x0000000000017426.\""
},
{
"lang": "es",
"value": "IrfanView versi\u00f3n 4.44 (en 32 bits) con Plugin FPX versi\u00f3n 4.46, permite a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio por medio de un archivo .fpx especialmente dise\u00f1ado, relacionado a un \"User Mode Write AV starting at FPX!GetPlugInInfo+0x0000000000017426\"."
}
],
"id": "CVE-2017-9534",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:03.437",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9534"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9534"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-9532
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX+0x0000000000001555."
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| cve@mitre.org | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9532 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9532 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CB388CE0-44E9-4B29-9632-702F0FB98774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a \"User Mode Write AV starting at FPX+0x0000000000001555.\""
},
{
"lang": "es",
"value": "IrfanView versi\u00f3n 4.44 (en 32 bits) con Plugin FPX versi\u00f3n 4.46, permite a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio por medio de un archivo .fpx especialmente dise\u00f1ado, relacionado a un \"User Mode Write AV starting at FPX+0x0000000000001555.\"."
}
],
"id": "CVE-2017-9532",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:03.357",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9532"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9532"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-9533
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!DE_Decode+0x0000000000000a9b."
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| cve@mitre.org | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9533 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9533 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CB388CE0-44E9-4B29-9632-702F0FB98774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a \"User Mode Write AV starting at FPX!DE_Decode+0x0000000000000a9b.\""
},
{
"lang": "es",
"value": "IrfanView versi\u00f3n 4.44 (en 32 bits) con Plugin FPX versi\u00f3n 4.46, permite a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio por medio de un archivo .fpx especialmente dise\u00f1ado, relacionado a un \"User Mode Write AV starting at FPX!DE_Decode+0x0000000000000a9b.\""
}
],
"id": "CVE-2017-9533",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:03.403",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9533"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9533"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-9873
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "Read Access Violation on Control Flow starting at FPX!GetPlugInInfo+0x0000000000012bf2."
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| cve@mitre.org | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9873 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9873 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CB388CE0-44E9-4B29-9632-702F0FB98774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a \"Read Access Violation on Control Flow starting at FPX!GetPlugInInfo+0x0000000000012bf2.\""
},
{
"lang": "es",
"value": "IrfanView versi\u00f3n 4.44 (en 32 bits) con Plugin FPX versi\u00f3n 4.46, permite a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio por medio de un archivo .fpx especialmente dise\u00f1ado, relacionado a una \"Read Access Violation on Control Flow starting at FPX!GetPlugInInfo+0x0000000000012bf2.\""
}
],
"id": "CVE-2017-9873",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:03.543",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9873"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9873"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-9535
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!GetPlugInInfo+0x0000000000016e53."
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| cve@mitre.org | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9535 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9535 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CB388CE0-44E9-4B29-9632-702F0FB98774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a \"User Mode Write AV starting at FPX!GetPlugInInfo+0x0000000000016e53.\""
},
{
"lang": "es",
"value": "IrfanView versi\u00f3n 4.44 (en 32 bits) con Plugin FPX versi\u00f3n 4.46, permite a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio por medio de un archivo .fpx especialmente dise\u00f1ado, relacionado a un \"User Mode Write AV starting at FPX!GetPlugInInfo+0x0000000000016e53\"."
}
],
"id": "CVE-2017-9535",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:03.483",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9535"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9535"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-9879
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to "Data from Faulting Address controls subsequent Write Address starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000a525."
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| cve@mitre.org | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9879 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9879 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CB388CE0-44E9-4B29-9632-702F0FB98774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to \"Data from Faulting Address controls subsequent Write Address starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000a525.\""
},
{
"lang": "es",
"value": "IrfanView en su versi\u00f3n 4.44 (32bit) con el plugin FPX 4.46 permite atacantes ejecutar c\u00f3digo aleatorio o causar una denegaci\u00f3n de servicio mediante un archivo .fpx manipulado, relacionado a \"Data from Faulting Address controls subsecuente a Wtrite Address comenzando en FPX!FPX_GetScanDevicePropertyGroup+0x000000000000a525.\""
}
],
"id": "CVE-2017-9879",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:03.777",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9879"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9879"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-9880
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to "Data from Faulting Address controls Code Flow starting at FPX+0x0000000000007236."
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| cve@mitre.org | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9880 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9880 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CB388CE0-44E9-4B29-9632-702F0FB98774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to \"Data from Faulting Address controls Code Flow starting at FPX+0x0000000000007236.\""
},
{
"lang": "es",
"value": "IrfanView en su versi\u00f3n 4.44 (32bit) con el plugin 4.46 permite a atacantes ejecutar c\u00f3digo aleatorio o causar una denegaci\u00f3n de servicio mediante un archivo .fpx manipulado, relacionado a \"Data from Faulting Address controls Code Flow comenzando en FPX+0x0000000000007236.\""
}
],
"id": "CVE-2017-9880",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:03.810",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9880"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9880"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-9878
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "Read Access Violation on Control Flow starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000c99a."
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| cve@mitre.org | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9878 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9878 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CB388CE0-44E9-4B29-9632-702F0FB98774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a \"Read Access Violation on Control Flow starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000c99a.\""
},
{
"lang": "es",
"value": "IrfanView en su versi\u00f3n 4.44 (32bit) con el plugin FPX 4.46 permite a un atacante ejecutar c\u00f3digo aleatorio o causar una denegaci\u00f3n de servicio mediante un archivo .fpx manipulado, relacionado a \"Read Access Violation en Control Flow comenzando en FPX!FPX_GetScanDevicePropertyGroup+0x000000000000c99a.\""
}
],
"id": "CVE-2017-9878",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:03.747",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9878"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9878"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-9528
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000000f53."
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| cve@mitre.org | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9528 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9528 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CB388CE0-44E9-4B29-9632-702F0FB98774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a \"User Mode Write AV starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000000f53.\""
},
{
"lang": "es",
"value": "IrfanView versi\u00f3n 4.44 (en 32 bits) con Plugin FPX versi\u00f3n 4.46, permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio por medio de un archivo .fpx especialmente dise\u00f1ado, relacionado a un \"User Mode Write AV starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000000f53\"."
}
],
"id": "CVE-2017-9528",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:03.217",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9528"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9528"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-9874
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000007822."
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| cve@mitre.org | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9874 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9874 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CB388CE0-44E9-4B29-9632-702F0FB98774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a \"User Mode Write AV starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000007822.\""
},
{
"lang": "es",
"value": "IrfanView versi\u00f3n 4.44 (en 32 bits) con Plugin FPX versi\u00f3n 4.46, permite a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio por medio de un archivo .fpx especialmente dise\u00f1ado, relacionado a un \"User Mode Write AV starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000007822.\""
}
],
"id": "CVE-2017-9874",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:03.577",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9874"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9874"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-9882
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "Read Access Violation on Block Data Move starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000b84f."
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| cve@mitre.org | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9882 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9882 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CB388CE0-44E9-4B29-9632-702F0FB98774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a \"Read Access Violation on Block Data Move starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000b84f.\""
},
{
"lang": "es",
"value": "IrfanView en su versi\u00f3n 4.44 (32bit) con el plugin FPX 4.46 permite a atacantes ejecutar c\u00f3digo aleatorio o causar una denegaci\u00f3n de servicio mediante un archivo .fpx manipulado, relacionado a \"Read Access Violation en Block Data Move comenzando en FPX!FPX_GetScanDevicePropertyGroup+0x000000000000b84f.\""
}
],
"id": "CVE-2017-9882",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:03.873",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9882"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9882"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-9881
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to "Data from Faulting Address controls Code Flow starting at FPX!FPX_GetScanDevicePropertyGroup+0x00000000000014e7."
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| cve@mitre.org | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9881 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9881 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CB388CE0-44E9-4B29-9632-702F0FB98774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to \"Data from Faulting Address controls Code Flow starting at FPX!FPX_GetScanDevicePropertyGroup+0x00000000000014e7.\""
},
{
"lang": "es",
"value": "Irfanview en su versi\u00f3n 4.44 (32bit) con el plugin FPX 4.46 permite atacantes ejecutar c\u00f3digo aleatorio o causar una denegaci\u00f3n de servicio mediante un archivo .fpx manipulado, relacionado a \"Data from Faulting Address controls code Flow comenzando en FPX!FPX_GetScanDevicePropertyGroup+0x00000000000014e7.\""
}
],
"id": "CVE-2017-9881",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:03.840",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9881"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9881"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-9883
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to "Data from Faulting Address controls Code Flow starting at FPX+0x0000000000007216."
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| cve@mitre.org | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9883 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9883 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CB388CE0-44E9-4B29-9632-702F0FB98774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to \"Data from Faulting Address controls Code Flow starting at FPX+0x0000000000007216.\""
},
{
"lang": "es",
"value": "IrfanView en su versi\u00f3n 4.44 (32bit) con el plugin FPX 4.46 permite a atacante ejecutar c\u00f3digo aleatorio o causar una denegaci\u00f3n de servicio mediante un archivo .fpx manipulado, relacionado a \"Data from Faulting Address controls Code Flow comenzando en FPX+0x0000000000007216.\""
}
],
"id": "CVE-2017-9883",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:03.920",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9883"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9883"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-9884
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpCoalesceFreeBlocks+0x00000000000001b6."
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| cve@mitre.org | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9884 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9884 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CB388CE0-44E9-4B29-9632-702F0FB98774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to \"Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpCoalesceFreeBlocks+0x00000000000001b6.\""
},
{
"lang": "es",
"value": "IrfanView en su versi\u00f3n 4.44 (32bit) con el plugin FPX 4.46 permite a atacantes causar una denegaci\u00f3n de servicio o posiblemente tener otro impacto no especificado mediante un archivo .fpx manipulado relacionado a \"Data from Faulting Address controls Branch Selection comenzando en ntdll_77df0000!RtlpCoalesceFreeBlocks+0x00000000000001b6.\""
}
],
"id": "CVE-2017-9884",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:03.950",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9884"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9884"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-9885
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000006a98."
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| cve@mitre.org | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9885 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.irfanview.com/plugins.htm | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9885 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.46:*:*:*:*:*:*:*",
"matchCriteriaId": "CB388CE0-44E9-4B29-9632-702F0FB98774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to \"Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000006a98.\""
},
{
"lang": "es",
"value": "IrfanView en su versi\u00f3n 4.44 (32bit) con el plugin 4.46 permite a atacantes causar una denegaci\u00f3n de servicio o posiblemente tener otro impacto no especificado mediante un archivo .fpx manipulado, relacionado Faulting Address es usado como uno o mas argumentos en una subsecuencia Function Call comenzando en FPX!FPX_GetScanDevicePropertyGroup+0x0000000000006a98.\""
}
],
"id": "CVE-2017-9885",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:03.997",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9885"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9885"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-10924
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView 4.44 (32bit) with FPX Plugin 4.47 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000a529."
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.47:*:*:*:*:*:*:*",
"matchCriteriaId": "127D6786-6C65-4E9B-9842-C8F1B0E177E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView 4.44 (32bit) with FPX Plugin 4.47 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a \"User Mode Write AV starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000a529.\""
},
{
"lang": "es",
"value": "IrfanView versi\u00f3n 4.44 (en 32 bits) con Plugin FPX versi\u00f3n 4.47, permite a los atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio por medio de un archivo .fpx creado, relacionado a un \"User Mode Write AV starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000a529\"."
}
],
"id": "CVE-2017-10924",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:02.623",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.irfanview.net/main_history.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10924"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.irfanview.net/main_history.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10924"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-8370
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView version 4.44 (32bit) with FPX Plugin 4.45 allows remote attackers to execute arbitrary code or cause a denial of service (Heap Corruption and application crash) in processing a FlashPix (.FPX) file, a different vulnerability than CVE-2017-7721.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.45:*:*:*:*:*:*:*",
"matchCriteriaId": "15960D98-8603-4AD4-944B-83FF6FC45E7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:x86:*",
"matchCriteriaId": "88778CE0-192D-42EA-8644-9BF65D383A7C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.45 allows remote attackers to execute arbitrary code or cause a denial of service (Heap Corruption and application crash) in processing a FlashPix (.FPX) file, a different vulnerability than CVE-2017-7721."
},
{
"lang": "es",
"value": "IrfanView versi\u00f3n 4.44 (en 32 bits) con Plugin FPX versi\u00f3n 4.45, permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de Heap y bloqueo de aplicaci\u00f3n) al procesar un archivo FlashPix (.FPX), una vulnerabilidad diferente a la CVE-2017-7721."
}
],
"id": "CVE-2017-8370",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:02.887",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-8370"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "http://www.irfanview.com/plugins.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-8370"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-10925
Vulnerability from fkie_nvd - Published: 2017-07-05 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IrfanView 4.44 (32bit) with FPX Plugin 4.47 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000b3ae."
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:irfanview:4.44:*:*:*:*:*:*:*",
"matchCriteriaId": "19827CE9-DE69-48A5-9889-D499A95AB906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:irfanview:fpx:4.47:*:*:*:*:*:*:*",
"matchCriteriaId": "127D6786-6C65-4E9B-9842-C8F1B0E177E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IrfanView 4.44 (32bit) with FPX Plugin 4.47 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to \"Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000b3ae.\""
},
{
"lang": "es",
"value": "IrfanView versi\u00f3n 4.44 (en 32 bits) con Plugin FPX versi\u00f3n 4.47, podr\u00eda permitir a los atacantes causar una denegaci\u00f3n de servicio o posiblemente tener otro impacto no especificado por medio de un archivo .fpx creado, relacionado a \"Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000b3ae\"."
}
],
"id": "CVE-2017-10925",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-05T20:29:02.653",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.irfanview.net/main_history.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10925"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.irfanview.net/main_history.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10925"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}