Skip to content
Permalink
master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Go to file
 
 
Cannot retrieve contributors at this time

research

CVE-2019-17241

Description

IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000d563.


[VulnerabilityType Other] User mode write access violations


[Vendor of Product] Irfanview


[Affected Product Code Base] Irfanview - 4.53


[Affected Component] Plugin Wsq.dll read file wsq. WSQ!ReadWSQ+0xd563: 6504e5b3 660f7f07 movdqa xmmword ptr [edi],xmm0 ds:002b:0b880000=


[Attack Type] Local


[Attack Vectors] to exploit vulnerability, someone must open a crafted WSQ file.


[Discoverer] Infiniti Team, VinCSS (a member of Vingroup)


[Reference] https://www.irfanview.com/main_history.htm

CVE-2019-17242

Description

IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000966f.


[VulnerabilityType Other] User mode write access violations


[Vendor of Product] IrfanView


[Affected Product Code Base] IrfanView - 4.53


[Affected Component] Plugin Wsq.dll read file wsq. WSQ!ReadWSQ+0x966f: 657aa6bf f3ab rep stos dword ptr es:[edi]


[Attack Type] Local


[Attack Vectors] to exploit vulnerability, someone must open a crafted WSQ file.


[Discoverer] Infiniti Team, VinCSS (a member of Vingroup)


[Reference] https://www.irfanview.com/main_history.htm

CVE-2019-17243

Description

IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at JPEG_LS+0x0000000000003155.


[VulnerabilityType Other] The data from the faulting address is later used as the target for a branch.


[Vendor of Product] Irfanview


[Affected Product Code Base] irfanview - 4.53


[Affected Component] Plugin JPEG_LS.dll read file JPEG_LS. JPEG_LS+0x3155: 6cb83155 8b16 mov edx,dword ptr [esi] ds:002b:00000000=


[Attack Vectors] to exploit vulnerability, someone must open a crafted JPEG_LS file.


[Discoverer] Infiniti Team, VinCSS (a member of Vingroup)


[Reference] https://www.irfanview.com/main_history.htm

CVE-2019-17244

Description

IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at JPEG_LS+0x0000000000001d8a.


[VulnerabilityType Other] The data from the faulting address is later used as the target for a branch.


[Vendor of Product] Irfanview


[Affected Product Code Base] irfanview - 4.53


[Affected Component] Plugin JPEG_LS.dll read file JPEG_LS. JPEG_LS+0x1d8a: 6cb81d8a 8b16 mov edx,dword ptr [esi] ds:002b:00000000=


[Attack Vectors] to exploit vulnerability, someone must open a crafted JPEG_LS file.


[Discoverer] Infiniti Team, VinCSS (a member of Vingroup)


[Reference] https://www.irfanview.com/main_history.htm

CVE-2019-17245

Description

IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x0000000000004359.


[VulnerabilityType Other] User mode write access violations


[Vendor of Product] Irfanview


[Affected Product Code Base] Irfanview - 4.53


[Affected Component] Plugin Wsq.dll read file wsq. WSQ!ReadWSQ+0x4359: 657b53a9 8907 mov dword ptr [edi],eax ds:002b:0b8b4000=


[Attack Type] Local


[Attack Vectors] to exploit vulnerability, someone must open a crafted WSQ file.


[Discoverer] Infiniti Team, VinCSS (a member of Vingroup)


[Reference] https://www.irfanview.com/main_history.htm

CVE-2019-17246

Description

IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000258c.


[VulnerabilityType Other] User mode write access violations


[Vendor of Product] Irfanview


[Affected Product Code Base] Irfanview - 4.53


[Affected Component] Plugin Wsq.dll read file wsq. WSQ!ReadWSQ+0x258c: 650b35dc 66897d00 mov word ptr [ebp],di ss:002b:0b850000=


[Attack Vectors] to exploit vulnerability, someone must open a crafted WSQ file.


[Discoverer] Infiniti Team, VinCSS (a member of Vingroup)


[Reference] https://www.irfanview.com/main_history.htm

CVE-2019-17247

Description

IrfanView 4.53 allows Data from a Faulting Address to control a subsequent Write Address starting at JPEG_LS+0x0000000000007da8.


[VulnerabilityType Other] The data from the faulting address is later used as the target for a later write.


[Vendor of Product] Irfanview


[Affected Product Code Base] irfanview - 4.53


[Affected Component] Plugin JPEG_LS.dll read file JPEG_LS. JPEG_LS+0x7da8: 6cb87da8 0fb741fe movzx eax,word ptr [ecx-2] ds:002b:0405cc7a=


[Attack Vectors] to exploit vulnerability, someone must open a crafted JPEG_LS file.


[Discoverer] Infiniti Team, VinCSS (a member of Vingroup)


[Reference] https://www.irfanview.com/main_history.htm

CVE-2019-17248

Description

IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x00000000000025b6.


[VulnerabilityType Other] User mode write access violations


[Vendor of Product] Irfanview


[Affected Product Code Base] Irfanview - 4.53


[Affected Component] Plugin Wsq.dll read file wsq. WSQ!ReadWSQ+0x25b6: 657a3606 66894500 mov word ptr [ebp],ax ss:002b:0b7da000=


[Attack Vectors] to exploit vulnerability, someone must open a crafted WSQ file.


[Discoverer] Infiniti Team, VinCSS (a member of Vingroup)


[Reference] https://www.irfanview.com/main_history.htm

CVE-2019-17249

Description

IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000d57b.


[VulnerabilityType Other] User mode write access violations


[Vendor of Product] Irfanview


[Affected Product Code Base] Irfanview - 4.53


[Affected Component] Plugin Wsq.dll read file wsq. WSQ!ReadWSQ+0xd57b: 657ae5cb 660f7f4750 movdqa xmmword ptr [edi+50h],xmm0 ds:002b:0b990000=


[Attack Vectors] to exploit vulnerability, someone must open a crafted WSQ file.


[Discoverer] Infiniti Team, VinCSS (a member of Vingroup)


[Reference] https://www.irfanview.com/main_history.htm

CVE-2019-17250

Description

IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x00000000000042f5.


[VulnerabilityType Other] User mode write access violations


[Vendor of Product] Irfanview


[Affected Product Code Base] Irfanview - 4.53


[Affected Component] Plugin Wsq.dll read file wsq. WSQ!ReadWSQ+0x42f5: 65035345 8917 mov dword ptr [edi],edx ds:002b:0b712ffe=


[Attack Type] Local


[Attack Vectors] to exploit vulnerability, someone must open a crafted WSQ file.


[Discoverer] Infiniti Team, VinCSS (a member of Vingroup)


[Reference] https://www.irfanview.com/main_history.htm

CVE-2019-17251

Description

IrfanView 4.53 allows a User Mode Write AV starting at FORMATS!GetPlugInInfo+0x0000000000007d43.


[VulnerabilityType Other] User mode write access violations


[Vendor of Product] Irfanview


[Affected Product Code Base] irfanview - 4.53


[Affected Component] Plugin Formats.dll. FORMATS!GetPlugInInfo+0x7d43: 10063cd3 f3a5 rep movs dword ptr es:[edi],dword ptr [esi]


[Attack Vectors] to exploit vulnerability, someone must open a crafted RAS file.


[Discoverer] Infiniti Team, VinCSS (a member of Vingroup)


[Reference] https://www.irfanview.com/main_history.htm

CVE-2019-17252

Description

IrfanView 4.53 allows a User Mode Write AV starting at FORMATS!Read_BadPNG+0x0000000000000115.


[VulnerabilityType Other] User mode write access violations


[Vendor of Product] Irfanview


[Affected Product Code Base] irfanview - 4.53


[Affected Component] Plugin Formats.dll. FORMATS!Read_BadPNG+0x115: 1005aa65 c7462000000000 mov dword ptr [esi+20h],0 ds:002b:0e314000=


[Attack Vectors] to exploit vulnerability, someone must open a crafted PNG file.


[Discoverer] Infiniti Team, VinCSS (a member of Vingroup)


[Reference] https://www.irfanview.com/main_history.htm

CVE-2019-17253

Description

IrfanView 4.53 allows a User Mode Write AV starting at JPEG_LS+0x000000000000a6b8.


[VulnerabilityType Other] User mode write access violations


[Vendor of Product] IrfanView


[Affected Product Code Base] IrfanView - 4.53


[Affected Component] Plugin JPEG_LS.dll read file jpeg_ls. JPEG_LS+0xa6b8: 6cb8a6b8 66894afe mov word ptr [edx-2],cx ds:002b:05d02240=


[Attack Vectors] to exploit vulnerability, someone must open a crafted JPEG_LS file.


[Discoverer] Infiniti Team, VinCSS (a member of Vingroup)


[Reference] https://www.irfanview.com/main_history.htm

CVE-2019-17254

Description

IrfanView 4.53 allows Data from a Faulting Address to control a subsequent Write Address starting at FORMATS!Read_BadPNG+0x0000000000000101.


[VulnerabilityType Other] The data from the faulting address is later used as the target for a later write.


[Vendor of Product] Irfanview


[Affected Product Code Base] irfanview - 4.53


[Affected Component] Plugin Formats.dll. FORMATS!Read_BadPNG+0x101: 1005aa51 8b4608 mov eax,dword ptr [esi+8] ds:002b:0e34a000=


[Attack Type] Local


[Attack Vectors] to exploit vulnerability, someone must open a crafted PNG file.


[Discoverer] Infiniti Team, VinCSS (a member of Vingroup)


[Reference] https://www.irfanview.com/main_history.htm

CVE-2019-17255

Description

IrfanView 4.53 allows a User Mode Write AV starting at EXR!ReadEXR+0x0000000000010836.


[VulnerabilityType Other] User mode write access violations


[Vendor of Product] Irfanview


[Affected Product Code Base] irfanview - 4.53


[Affected Component] Plugin Exr.dll read file exr. EXR!ReadEXR+0x10836: 10011c86 66890a mov word ptr [edx],cx ds:002b:0c71c000=


[Attack Vectors] to exploit vulnerability, someone must open a crafted EXR file.


[Discoverer] Infiniti Team, VinCSS (a member of Vingroup)


[Reference] https://www.irfanview.com/main_history.htm

CVE-2019-17256

Description

IrfanView 4.53 allows a User Mode Write AV starting at DPX!ReadDPX_W+0x0000000000001203.


[VulnerabilityType Other] User mode write access violations


[Vendor of Product] Irfanview


[Affected Product Code Base] irfanview - 4.53


[Affected Component] Plugin Dpx.dll read file DPX. DPX!ReadDPX_W+0x1203: 6541d593 8802 mov byte ptr [edx],al ds:002b:0b50d000=


[Attack Vectors] to exploit vulnerability, someone must open a crafted DPX file.


[Discoverer] Infiniti Team, VinCSS (a member of Vingroup)


[Reference] https://www.irfanview.com/main_history.htm

CVE-2019-17257

Description

IrfanView 4.53 allows a Exception Handler Chain to be Corrupted starting at EXR!ReadEXR+0x000000000002af80.


[VulnerabilityType Other] Corruption of the exception handler chain


[Vendor of Product] Irfanview


[Affected Product Code Base] Irfanview - 4.53


[Affected Component] Plugin Exr.dll read file exr. EXR!ReadEXR+0x2af80: 1002c3d0 f3a4 rep movs byte ptr es:[edi],byte ptr [esi]


[Attack Vectors] to exploit vulnerability, someone must open a crafted EXR file.


[Discoverer] Infiniti Team, VinCSS (a member of Vingroup)


[Reference] https://www.irfanview.com/main_history.htm

CVE-2019-17258

Description

IrfanView 4.53 allows Data from a Faulting Address to control a subsequent Write Address starting at JPEG_LS+0x000000000000839c.


[VulnerabilityType Other] The data from the faulting address is later used as the target for a later write.


[Vendor of Product] Irfanview


[Affected Product Code Base] irfanview - 4.53


[Affected Component] Plugin JPEG_LS.dll read file jpeg_ls. JPEG_LS+0x839c: 6cb8839c 0fb741fe movzx eax,word ptr [ecx-2] ds:002b:bdcd32a8=


[Attack Vectors] to exploit vulnerability, someone must open a crafted JPEG_LS file.


[Discoverer] Infiniti Team, VinCSS (a member of Vingroup)


[Reference] https://www.irfanview.com/main_history.htm

CVE-2019-17259

Description

KMPlayer 4.2.2.31 allows a User Mode Write AV starting at utils!src_new+0x000000000014d6ee.


[VulnerabilityType Other] User mode write access violations.


[Vendor of Product] KMPlayer


[Affected Product Code Base] KMPlayer - 4.2.2.31


[Discoverer] Infiniti Team, VinCSS (a member of Vingroup)


[Reference] http://www.kmplayer.com

#Use CVE-2019-17260

Description

MPC-HC through 1.7.13 allows a Read Access Violation on a Block Data Move starting at mpc_hc!memcpy+0x000000000000004e.


[VulnerabilityType Other] This is a read access violation in a block data move


[Vendor of Product] MPC-HC


[Affected Product Code Base] MPC-HC - all version


[Attack Type] Local


[Has vendor confirmed or acknowledged the vulnerability?] true


[Discoverer] Infiniti Team, VinCSS (a member of Vingroup)


[Reference] https://mpc-hc.org/changelog/

CVE-2019-17261

Description

XnView Classic 2.49.1 allows a User Mode Write AV starting at Xwsq+0x0000000000001e51.


[VulnerabilityType Other] User mode write access violations


[Vendor of Product] XnView


[Affected Product Code Base] XnView Classic - 2.49.1


[Affected Component] Plugin Xwsq.dll read file wsq. Xwsq+0x1e51: 10001e51 66895500 mov word ptr [ebp],dx ss:002b:05858000=


[Attack Type] Local


[Attack Vectors] to exploit vulnerability, someone must open a crafted WSQ file.


[Discoverer] Infiniti Team, VinCSS (a member of Vingroup)


[Reference] https://www.xnview.com/en/xnview/#changelog

Use CVE-2019-17262

Description

XnView Classic 2.49.1 allows a User Mode Write AV starting at Xwsq+0x0000000000001fc0.


[VulnerabilityType Other] User mode write access violations


[Vendor of Product] XnView


[Affected Product Code Base] XnView Classic - 2.49.1


[Affected Component] Plugin Xwsq.dll read file wsq. Xwsq+0x1fc0: 10001fc0 f3ab rep stos dword ptr es:[edi]


[Attack Type] Local


[Attack Vectors] to exploit vulnerability, someone must open a crafted WSQ file.


[Discoverer] Infiniti Team, VinCSS (a member of Vingroup)


[Reference] https://www.xnview.com/en/xnview/#changelog