CVE-2010-1510: Buffer Overflow
First published: Fri May 14 2010(Updated: )
Heap-based buffer overflow in IrfanView before 4.27 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PSD image with RLE compression.
Credit: PSIRT-CNA@flexerasoftware.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IrfanView | <=4.25 | |
| IrfanView | =1.70 | |
| IrfanView | =1.75 | |
| IrfanView | =1.80 | |
| IrfanView | =1.85 | |
| IrfanView | =1.90 | |
| IrfanView | =1.95 | |
| IrfanView | =1.97 | |
| IrfanView | =1.98 | |
| IrfanView | =1.98a | |
| IrfanView | =1.99 | |
| IrfanView | =2.00 | |
| IrfanView | =2.05 | |
| IrfanView | =2.07 | |
| IrfanView | =2.10 | |
| IrfanView | =2.12 | |
| IrfanView | =2.15 | |
| IrfanView | =2.17 | |
| IrfanView | =2.18 | |
| IrfanView | =2.20 | |
| IrfanView | =2.22 | |
| IrfanView | =2.25 | |
| IrfanView | =2.27 | |
| IrfanView | =2.30 | |
| IrfanView | =2.32 | |
| IrfanView | =2.35 | |
| IrfanView | =2.37 | |
| IrfanView | =2.40 | |
| IrfanView | =2.50 | |
| IrfanView | =2.52 | |
| IrfanView | =2.55 | |
| IrfanView | =2.60 | |
| IrfanView | =2.62 | |
| IrfanView | =2.63 | |
| IrfanView | =2.65 | |
| IrfanView | =2.66 | |
| IrfanView | =2.68 | |
| IrfanView | =2.80 | |
| IrfanView | =2.82 | |
| IrfanView | =2.83 | |
| IrfanView | =2.85 | |
| IrfanView | =2.90 | |
| IrfanView | =2.92 | |
| IrfanView | =2.95 | |
| IrfanView | =2.97 | |
| IrfanView | =2.98 | |
| IrfanView | =3.00 | |
| IrfanView | =3.02 | |
| IrfanView | =3.05 | |
| IrfanView | =3.07 | |
| IrfanView | =3.10 | |
| IrfanView | =3.12 | |
| IrfanView | =3.15 | |
| IrfanView | =3.17 | |
| IrfanView | =3.20 | |
| IrfanView | =3.21 | |
| IrfanView | =3.25 | |
| IrfanView | =3.30 | |
| IrfanView | =3.33 | |
| IrfanView | =3.35 | |
| IrfanView | =3.36 | |
| IrfanView | =3.50 | |
| IrfanView | =3.51 | |
| IrfanView | =3.60 | |
| IrfanView | =3.61 | |
| IrfanView | =3.70 | |
| IrfanView | =3.75 | |
| IrfanView | =3.80 | |
| IrfanView | =3.85 | |
| IrfanView | =3.90 | |
| IrfanView | =3.91 | |
| IrfanView | =3.92 | |
| IrfanView | =3.95 | |
| IrfanView | =3.97 | |
| IrfanView | =3.98 | |
| IrfanView | =3.99 | |
| IrfanView | =4.00 | |
| IrfanView | =4.10 | |
| IrfanView | =4.20 | |
| IrfanView | =4.22 | |
| IrfanView | =4.23 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://irfanview.com/main_history.htm
- http://osvdb.org/64628
- http://secunia.com/advisories/39036
- http://secunia.com/secunia_research/2010-42
- http://www.securityfocus.com/archive/1/511275/100/0/threaded
- http://www.securityfocus.com/bid/40105
- https://exchange.xforce.ibmcloud.com/vulnerabilities/58549
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7397
Frequently Asked Questions
What is the severity of CVE-2010-1510?
CVE-2010-1510 is classified as a medium severity vulnerability due to its potential to cause application crashes or arbitrary code execution.
How do I fix CVE-2010-1510?
To fix CVE-2010-1510, update IrfanView to version 4.27 or later, which addresses the buffer overflow issue.
What type of attack can exploit CVE-2010-1510?
CVE-2010-1510 can be exploited by remote attackers through specially crafted PSD images that utilize RLE compression.
Which versions of IrfanView are affected by CVE-2010-1510?
CVE-2010-1510 affects IrfanView versions before 4.27, including versions as low as 1.70.
What are the potential consequences of an exploit for CVE-2010-1510?
Exploiting CVE-2010-1510 can lead to denial of service by crashing the application or potentially allowing the execution of arbitrary code.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/weakness
- agent/softwarecombine
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/irfanview
- canonical/irfanview
- version/irfanview/4.25
- version/irfanview/1.70
- version/irfanview/1.75
- version/irfanview/1.80
- version/irfanview/1.85
- version/irfanview/1.90
- version/irfanview/1.95
- version/irfanview/1.97
- version/irfanview/1.98
- version/irfanview/1.98a
- version/irfanview/1.99
- version/irfanview/2.00
- version/irfanview/2.05
- version/irfanview/2.07
- version/irfanview/2.10
- version/irfanview/2.12
- version/irfanview/2.15
- version/irfanview/2.17
- version/irfanview/2.18
- version/irfanview/2.20
- version/irfanview/2.22
- version/irfanview/2.25
- version/irfanview/2.27
- version/irfanview/2.30
- version/irfanview/2.32
- version/irfanview/2.35
- version/irfanview/2.37
- version/irfanview/2.40
- version/irfanview/2.50
- version/irfanview/2.52
- version/irfanview/2.55
- version/irfanview/2.60
- version/irfanview/2.62
- version/irfanview/2.63
- version/irfanview/2.65
- version/irfanview/2.66
- version/irfanview/2.68
- version/irfanview/2.80
- version/irfanview/2.82
- version/irfanview/2.83
- version/irfanview/2.85
- version/irfanview/2.90
- version/irfanview/2.92
- version/irfanview/2.95
- version/irfanview/2.97
- version/irfanview/2.98
- version/irfanview/3.00
- version/irfanview/3.02
- version/irfanview/3.05
- version/irfanview/3.07
- version/irfanview/3.10
- version/irfanview/3.12
- version/irfanview/3.15
- version/irfanview/3.17
- version/irfanview/3.20
- version/irfanview/3.21
- version/irfanview/3.25
- version/irfanview/3.30
- version/irfanview/3.33
- version/irfanview/3.35
- version/irfanview/3.36
- version/irfanview/3.50
- version/irfanview/3.51
- version/irfanview/3.60
- version/irfanview/3.61
- version/irfanview/3.70
- version/irfanview/3.75
- version/irfanview/3.80
- version/irfanview/3.85
- version/irfanview/3.90
- version/irfanview/3.91
- version/irfanview/3.92
- version/irfanview/3.95
- version/irfanview/3.97
- version/irfanview/3.98
- version/irfanview/3.99
- version/irfanview/4.00
- version/irfanview/4.10
- version/irfanview/4.20
- version/irfanview/4.22
- version/irfanview/4.23