CVE-2010-1509

IrfanView before 4.27 does not properly handle an unspecified integer variable during processing of PSD images, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow, related to a "sign-extension error."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
flexeraCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 87%
VendorProductVersion
irfanviewirfanview
𝑥
≤ 4.25
irfanviewirfanview
1.70
irfanviewirfanview
1.75
irfanviewirfanview
1.80
irfanviewirfanview
1.85
irfanviewirfanview
1.90
irfanviewirfanview
1.95
irfanviewirfanview
1.97
irfanviewirfanview
1.98
irfanviewirfanview
1.98a:a
irfanviewirfanview
1.99
irfanviewirfanview
2.00
irfanviewirfanview
2.05
irfanviewirfanview
2.07
irfanviewirfanview
2.10
irfanviewirfanview
2.12
irfanviewirfanview
2.15
irfanviewirfanview
2.17
irfanviewirfanview
2.18
irfanviewirfanview
2.20
irfanviewirfanview
2.22
irfanviewirfanview
2.25
irfanviewirfanview
2.27
irfanviewirfanview
2.30
irfanviewirfanview
2.32
irfanviewirfanview
2.35
irfanviewirfanview
2.37
irfanviewirfanview
2.40
irfanviewirfanview
2.50
irfanviewirfanview
2.52
irfanviewirfanview
2.55
irfanviewirfanview
2.60
irfanviewirfanview
2.62
irfanviewirfanview
2.63
irfanviewirfanview
2.65
irfanviewirfanview
2.66
irfanviewirfanview
2.68
irfanviewirfanview
2.80
irfanviewirfanview
2.82
irfanviewirfanview
2.83
irfanviewirfanview
2.85
irfanviewirfanview
2.90
irfanviewirfanview
2.92
irfanviewirfanview
2.95
irfanviewirfanview
2.97
irfanviewirfanview
2.98
irfanviewirfanview
3.00
irfanviewirfanview
3.02
irfanviewirfanview
3.05
irfanviewirfanview
3.07
irfanviewirfanview
3.10
irfanviewirfanview
3.12
irfanviewirfanview
3.15
irfanviewirfanview
3.17
irfanviewirfanview
3.20
irfanviewirfanview
3.21
irfanviewirfanview
3.25
irfanviewirfanview
3.30
irfanviewirfanview
3.33
irfanviewirfanview
3.35
irfanviewirfanview
3.36
irfanviewirfanview
3.50
irfanviewirfanview
3.51
irfanviewirfanview
3.60
irfanviewirfanview
3.61
irfanviewirfanview
3.70
irfanviewirfanview
3.75
irfanviewirfanview
3.80
irfanviewirfanview
3.85
irfanviewirfanview
3.90
irfanviewirfanview
3.91
irfanviewirfanview
3.92
irfanviewirfanview
3.95
irfanviewirfanview
3.97
irfanviewirfanview
3.98
irfanviewirfanview
3.99
irfanviewirfanview
4.00
irfanviewirfanview
4.10
irfanviewirfanview
4.20
irfanviewirfanview
4.22
irfanviewirfanview
4.23
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://irfanview.com/main_history.htm
http://osvdb.org/64627
http://secunia.com/advisories/39036
http://secunia.com/secunia_research/2010-41
http://www.securityfocus.com/archive/1/511274/100/0/threaded
http://www.securityfocus.com/bid/40104
https://exchange.xforce.ibmcloud.com/vulnerabilities/58548
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6705
http://irfanview.com/main_history.htm
http://osvdb.org/64627
http://secunia.com/advisories/39036
http://secunia.com/secunia_research/2010-41
http://www.securityfocus.com/archive/1/511274/100/0/threaded
http://www.securityfocus.com/bid/40104
https://exchange.xforce.ibmcloud.com/vulnerabilities/58548
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6705