Vulnerability Database

289,871

Total vulnerabilities in the database

CVE-2017-9876

IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to "Data from Faulting Address controls Code Flow starting at FPX!FPX_GetScanDevicePropertyGroup+0x000000000000c995."

  • Published: Jul 5, 2017
  • Updated: Apr 13, 2023
  • CVE: CVE-2017-9876
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.8
  • AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: Medium
  • Score: 6.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

Software From Fixed in
irfanview / irfanview 4.44 4.44.x
irfanview / fpx 4.46 4.46.x