CVE-2010-1509

EUVD-2010-1536
IrfanView before 4.27 does not properly handle an unspecified integer variable during processing of PSD images, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow, related to a "sign-extension error."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 87%
Affected Products (NVD)
VendorProductVersion
irfanviewirfanview
𝑥
≤ 4.25
irfanviewirfanview
1.70
irfanviewirfanview
1.75
irfanviewirfanview
1.80
irfanviewirfanview
1.85
irfanviewirfanview
1.90
irfanviewirfanview
1.95
irfanviewirfanview
1.97
irfanviewirfanview
1.98
irfanviewirfanview
1.98a:a
irfanviewirfanview
1.99
irfanviewirfanview
2.00
irfanviewirfanview
2.05
irfanviewirfanview
2.07
irfanviewirfanview
2.10
irfanviewirfanview
2.12
irfanviewirfanview
2.15
irfanviewirfanview
2.17
irfanviewirfanview
2.18
irfanviewirfanview
2.20
irfanviewirfanview
2.22
irfanviewirfanview
2.25
irfanviewirfanview
2.27
irfanviewirfanview
2.30
irfanviewirfanview
2.32
irfanviewirfanview
2.35
irfanviewirfanview
2.37
irfanviewirfanview
2.40
irfanviewirfanview
2.50
irfanviewirfanview
2.52
irfanviewirfanview
2.55
irfanviewirfanview
2.60
irfanviewirfanview
2.62
irfanviewirfanview
2.63
irfanviewirfanview
2.65
irfanviewirfanview
2.66
irfanviewirfanview
2.68
irfanviewirfanview
2.80
irfanviewirfanview
2.82
irfanviewirfanview
2.83
irfanviewirfanview
2.85
irfanviewirfanview
2.90
irfanviewirfanview
2.92
irfanviewirfanview
2.95
irfanviewirfanview
2.97
irfanviewirfanview
2.98
irfanviewirfanview
3.00
irfanviewirfanview
3.02
irfanviewirfanview
3.05
irfanviewirfanview
3.07
irfanviewirfanview
3.10
irfanviewirfanview
3.12
irfanviewirfanview
3.15
irfanviewirfanview
3.17
irfanviewirfanview
3.20
irfanviewirfanview
3.21
irfanviewirfanview
3.25
irfanviewirfanview
3.30
irfanviewirfanview
3.33
irfanviewirfanview
3.35
irfanviewirfanview
3.36
irfanviewirfanview
3.50
irfanviewirfanview
3.51
irfanviewirfanview
3.60
irfanviewirfanview
3.61
irfanviewirfanview
3.70
irfanviewirfanview
3.75
irfanviewirfanview
3.80
irfanviewirfanview
3.85
irfanviewirfanview
3.90
irfanviewirfanview
3.91
irfanviewirfanview
3.92
irfanviewirfanview
3.95
irfanviewirfanview
3.97
irfanviewirfanview
3.98
irfanviewirfanview
3.99
irfanviewirfanview
4.00
irfanviewirfanview
4.10
irfanviewirfanview
4.20
irfanviewirfanview
4.22
irfanviewirfanview
4.23
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://irfanview.com/main_history.htm
http://osvdb.org/64627
http://secunia.com/advisories/39036
http://secunia.com/secunia_research/2010-41
http://www.securityfocus.com/archive/1/511274/100/0/threaded
http://www.securityfocus.com/bid/40104
https://exchange.xforce.ibmcloud.com/vulnerabilities/58548
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6705
http://irfanview.com/main_history.htm
http://osvdb.org/64627
http://secunia.com/advisories/39036
http://secunia.com/secunia_research/2010-41
http://www.securityfocus.com/archive/1/511274/100/0/threaded
http://www.securityfocus.com/bid/40104
https://exchange.xforce.ibmcloud.com/vulnerabilities/58548
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6705