CVE-2024-27443
https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories
https://nvd.nist.gov/vuln/detail/CVE-2024-27443
nhiephon, chung96vn, SPT from NCSC Vietnam
CVE-2022-40405
WoWonder Social Network Platform v4.1.2 was discovered to contain a SQL injection vulnerability via the offset parameter at requests.php?f=load-my-blogs.
SQL Injection
WoWonder (www.wowonder.com)
WoWonder Social Network Platform - 4.1.2
target.website/requests.php?f=load-my-blogs&offset=inject_here
Remote
True
Remote attackers can gain access to the database by exploiting a request to "requests.php?f=load-my-blogs" via "offset" parameter.
https://github.com/nhiephon/Research
https://www.wowonder.com
NXQ, nhiephon from NCSC of Vietnam
CVE-2022-42984
WoWonder Social Network Platform 4.1.4 was discovered to contain a SQL injection vulnerability via the offset parameter at requests.php?f=search&s=recipients.
SQL Injection
WoWonder (www.wowonder.com)
WoWonder Social Network Platform - 4.1.4
target.website/requests.php?f=search&s=recipients&query=inject_here
Remote
True
True
Remote attackers can gain access to the database by exploiting a request to "requests.php?f=search&s=recipients" via "query" parameter.
https://github.com/nhiephon/Research
https://www.wowonder.com
NXQ, nhiephon from NCSC of Vietnam
CVE-2020-13905
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000038ed4.
Vendor fixed the error in the plugin. Please read "https://www.irfanview.com/plugins.htm"
User mode write access violations
Irfanview
IrFanView 32-bit - 4.54
Plugin Formats.dll read file hdr. FORMATS!GetPlugInInfo+0x38ed4: 1006f044 8806 mov byte ptr [esi],al ds:002b:0af8f000=??
Local
User mode write access violations
To exploit vulnerability, someone must open a crafted HDR file.
https://github.com/nhiephon/Research/blob/master/README.md
https://www.irfanview.com/plugins.htm
Nguyá»…n Quang and LĆ°u Minh TrĂ from NCSC of Vietnam
CVE-2020-13906
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000038eb7.
Vendor fixed the error in the plugin. Please read "https://www.irfanview.com/plugins.htm"
User mode write access violations
Irfanview
IrFanView 32-bit - 4.54
Plugin Formats.dll read file hdr. FORMATS!GetPlugInInfo+0x38eb7: 1006f027 8806 mov byte ptr [esi],al ds:002b:0af4f000=??
Local
User mode write access violations
To exploit vulnerability, someone must open a crafted HDR file.
https://github.com/nhiephon/Research/blob/master/README.md
https://www.irfanview.com/plugins.htm
TuanDA, HiepHV from NCSC of Vietnam
CVE-2020-23545
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ReadXPM_W+0x0000000000000531.
Vendor fixed the error in the plugin. Please read "https://www.irfanview.com/plugins.htm"
User mode write access violations
Irfanview
IrFanView 32-bit - 4.54
Plugin Formats.dll read file xpm. FORMATS!ReadXPM_W+0x531: 10003991 880429 mov byte ptr [ecx+ebp],al ds:002b:0f7ff000=??
Local
User mode write access violations
To exploit vulnerability, someone must open a crafted XPM file.
https://github.com/nhiephon/Research/blob/master/README.md
https://www.irfanview.com/plugins.htm
NXQ from NCSC of Vietnam
CVE-2020-23546
IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted XBM file, related to a "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FORMATS!ReadMosaic+0x0000000000000981.
Vendor fixed the error in the plugin. Please read "https://www.irfanview.com/plugins.htm"
The data from the faulting address is later used to a function call
Irfanview
IrfanView 32-bit - 4.54
Plugin Formats.dll read file xbm. FORMATS!ReadMosaic+0x981: 10003171 8a91e8110d10 mov dl,byte ptr FORMATS!GetPlugInInfo+0x9b0b8 ds:002b:dcd9deb4=??
Local
User mode write access violations
To exploit vulnerability, someone must open a crafted XBM file.
https://github.com/nhiephon/Research/blob/master/README.md
https://www.irfanview.com/plugins.htm
NXQ from NCSC of Vietnam
CVE-2020-23549
IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted .cr2 file, related to a "Data from Faulting Address controls Branch Selection starting at FORMATS!GetPlugInInfo+0x00000000000047f6".
Vendor fixed the error in the plugin. Please read "https://www.irfanview.com/plugins.htm"
Denial Of Service, Overflow
Irfanview
IrFanView 32-bit - 4.54
FORMATS!GetPlugInInfo+0x47f6: 10039416 8b0a mov ecx, dword ptr [edx] ds:002b:48663000=????????
Local
Denial of Service
To exploit vulnerability, someone must open a crafted CR2 file.
https://github.com/nhiephon/Research/blob/master/README.md
https://www.irfanview.com/plugins.htm
NPD from NCSC of Vietnam
CVE-2020-23550
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e82.
Vendor fixed the error in the plugin. Please read "https://www.irfanview.com/plugins.htm"
User mode write access violations
Irfanview
Irfanview 32-bit - 4.54
Plugin Formats.dll read file dds. FORMATS!GetPlugInInfo+0x7e82: 1003cb12 8807 mov byte ptr [edi], al ds:002b:0ae3d000=??
Local
User mode write access violations
To exploit vulnerability, someone must open a crafted DDS file.
https://github.com/nhiephon/Research
https://www.irfanview.com/plugins.htm
nhiephon from NCSC of Vietnam
CVE-2020-23551
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e30.
Vendor fixed the error in the plugin. Please read "https://www.irfanview.com/plugins.htm"
User mode write access violations
Irfanview
Irfanview 32-bit - 4.54
Plugin Formats.dll read file dds. FORMATS!GetPlugInInfo+0x7e30: 1003cac0 89448ffc mov dword ptr [edi+ecx*4-4], eax ds:002b:0af2d000=????????
Local
User mode write access violations
To exploit vulnerability, someone must open a crafted DDS file.
https://github.com/nhiephon/Research
https://www.irfanview.com/plugins.htm
nhiephon from NCSC of Vietnam
CVE-2020-23552
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e62.
Vendor fixed the error in the plugin. Please read "https://www.irfanview.com/plugins.htm"
User mode write access violations
Irfanview
Irfanview 32-bit - 4.54
Plugin Formats.dll read file dds. FORMATS!GetPlugInInfo+0x7e62: 1003caf2 8807 mov byte ptr [edi], al ds:002b:0aebd000=??
Local
User mode write access violations
To exploit vulnerability, someone must open a crafted DDS file.
https://github.com/nhiephon/Research
https://www.irfanview.com/plugins.htm
nhiephon from NCSC of Vietnam
CVE-2020-23553
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007d33.
Vendor fixed the error in the plugin. Please read "https://www.irfanview.com/plugins.htm"
User mode write access violations
Irfanview
Irfanview 32-bit - 4.54
Plugin Formats.dll read file dds. FORMATS!GetPlugInInfo+0x7d33: 1003c9c3 f3a5 rep movs dword ptr es:[edi], dword ptr [esi]
Local
User mode write access violations
To exploit vulnerability, someone must open a crafted DDS file.
https://github.com/nhiephon/Research
https://www.irfanview.com/plugins.htm
nhiephon from NCSC of Vietnam
CVE-2020-23554
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e20.
Vendor fixed the error in the plugin. Please read "https://www.irfanview.com/plugins.htm"
User mode write access violations
Irfanview
Irfanview 32-bit - 4.54
Plugin Formats.dll read file dds. FORMATS!GetPlugInInfo+0x7e20: 1003cab0 89448ff4 mov dword ptr [edi+ecx*4-0Ch], eax ds:002b:0af1d000=????????
Local
User mode write access violations
To exploit vulnerability, someone must open a crafted DDS file.
https://github.com/nhiephon/Research
https://www.irfanview.com/plugins.htm
nhiephon from NCSC of Vietnam
CVE-2020-23555
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e6e.
Vendor fixed the error in the plugin. Please read "https://www.irfanview.com/plugins.htm"
User mode write access violations
Irfanview
Irfanview 32-bit - 4.54
Plugin Formats.dll read file dds. FORMATS!GetPlugInInfo+0x7e6e: 1003cafe 8807 mov byte ptr [edi], al ds:002b:0b03d000=??
Local
User mode write access violations
To exploit vulnerability, someone must open a crafted DDS file.
https://github.com/nhiephon/Research
https://www.irfanview.com/plugins.htm
nhiephon from NCSC of Vietnam
CVE-2020-23556
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e28.
Vendor fixed the error in the plugin. Please read "https://www.irfanview.com/plugins.htm"
User mode write access violations
Irfanview
Irfanview 32-bit - 4.54
Plugin Formats.dll read file dds. FORMATS!GetPlugInInfo+0x7e28: 1003cab8 89448ff8 mov dword ptr [edi+ecx*4-8], eax ds:002b:0b0cd000=????????
Local
User mode write access violations
To exploit vulnerability, someone must open a crafted DDS file.
https://github.com/nhiephon/Research
https://www.irfanview.com/plugins.htm
nhiephon from NCSC of Vietnam
CVE-2020-23557
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000000755d.
Vendor fixed the error in the plugin. Please read "https://www.irfanview.com/plugins.htm"
User mode write access violations
Irfanview
IrfanView 32-bit - 4.54
Plugin Formats.dll version 4.55.4 read file DCR. FORMATS!ShowPlugInSaveOptions_W+0x755d: 10012eed 66891471 mov word ptr [ecx+esi*2],dx ds:002b:0b0a1000=????
Local
User mode write access violations
To exploit vulnerability, someone must open a crafted DCR file.
https://github.com/nhiephon/Research
https://www.irfanview.com/plugins.htm
nhiephon from NCSC of Vietnam
CVE-2020-23558
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000007f4b.
Vendor fixed the error in the plugin. Please read "https://www.irfanview.com/plugins.htm"
User mode write access violations
Irfanview
IrfanView 32-bit - 4.54
Plugin Formats.dll version 4.55.4 read file DCR. FORMATS!ShowPlugInSaveOptions_W+0x7f4b: 100138db 66890c47 mov word ptr [edi+eax*2],cx ds:002b:1bc44e40=????
Local
User mode write access violations
To exploit vulnerability, someone must open a crafted DCR file.
https://github.com/nhiephon/Research
https://www.irfanview.com/plugins.htm
nhiephon from NCSC of Vietnam
CVE-2020-23559
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000007d7f.
Vendor fixed the error in the plugin. Please read "https://www.irfanview.com/plugins.htm"
User mode write access violations
Irfanview
IrfanView 32-bit - 4.54
Plugin Formats.dll version 4.55.4 read file DCR. FORMATS!ShowPlugInSaveOptions_W+0x7d7f: 1001370f 66891443 mov word ptr [ebx+eax*2],dx ds:002b:0b0e1000=????
Local
User mode write access violations
To exploit vulnerability, someone must open a crafted DCR file.
https://github.com/nhiephon/Research
https://www.irfanview.com/plugins.htm
nhiephon from NCSC of Vietnam
CVE-2020-23560
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000001bcab.
User mode write access violations
Irfanview
IrfanView 32-bit - 4.54
Plugin Formats.dll version 4.55.4 read file DCR. FORMATS!ShowPlugInSaveOptions_W+0x1bcab: 1002763b 6689047e mov word ptr [esi+edi*2],ax ds:002b:4642d000=????
Local
User mode write access violations
To exploit vulnerability, someone must open a crafted DCR file.
https://github.com/nhiephon/Research
https://www.irfanview.com/plugins.htm
nhiephon from NCSC of Vietnam
CVE-2020-23561
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000005722.
User mode write access violations
Irfanview
IrfanView 32-bit - 4.54
Plugin Formats.dll version 4.55.4 read file DCR. FORMATS!ShowPlugInSaveOptions_W+0x5722: 100110b2 6689044a mov word ptr [edx+ecx*2],ax ds:002b:0b0a1000=????
Local
User mode write access violations
To exploit vulnerability, someone must open a crafted DCR file.
https://github.com/nhiephon/Research
https://www.irfanview.com/plugins.htm
SPT from NCSC of Vietnam
CVE-2020-23562
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000000aefe.
User mode write access violations
Irfanview
IrfanView 32-bit - 4.54
Plugin Formats.dll version 4.55.4 read file DCR. FORMATS!ShowPlugInSaveOptions_W+0xaefe: 1001688e d918 fstp dword ptr [eax] ds:002b:00000000=????????
Local
User mode write access violations
To exploit vulnerability, someone must open a crafted DCR file.
https://github.com/nhiephon/Research
https://www.irfanview.com/plugins.htm
HuyenNT, KetDV from NCSC of Vietnam
CVE-2020-23563
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000002cba.
User mode write access violations
Irfanview
IrfanView 32-bit - 4.54
Plugin Formats.dll version 4.55.4 read file DCR. FORMATS!ShowPlugInSaveOptions_W+0x2cba: 1000e64a 6689044a mov word ptr [edx+ecx*2],ax ds:002b:0b091000=????
Local
User mode write access violations
To exploit vulnerability, someone must open a crafted DCR file.
https://github.com/nhiephon/Research
https://www.irfanview.com/plugins.htm
LuongNP, ChienTD from NCSC of Vietnam