» 2021 » 9월

Irfanview 4.57 is affected by an infinite loop when processing a crafted BMP file in the EFFECTS!AutoCrop_W component. This can cause a denial of service (DOS).

Source: CVE-2021-29365

CVE-2021-29366

Posted on 2021년 9월 29일2021년 9월 29일 by admin

CVE-2021-29366

A buffer overflow vulnerability in FORMATS!GetPlugInInfo+0x2de9 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.

Source: CVE-2021-29366

CVE-2021-29367

Posted on 2021년 9월 29일2021년 9월 29일 by admin

CVE-2021-29367

A buffer overflow vulnerability in WPG+0x1dda of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted WPG file.

Source: CVE-2021-29367

CVE-2021-41104

Posted on 2021년 9월 29일2021년 9월 29일 by admin

CVE-2021-41104

ESPHome is a system to control the ESP8266/ESP32. Anyone with web_server enabled and HTTP basic auth configured on version 2021.9.1 or older is vulnerable to an issue in which `web_server` allows over-the-air (OTA) updates without checking user defined basic auth username & password. This issue is patched in version 2021.9.2. As a workaround, one may disable or remove `web_server`.

Source: CVE-2021-41104

CVE-2021-29358

Posted on 2021년 9월 29일2021년 9월 29일 by admin

CVE-2021-29358

A buffer overflow vulnerability in FORMATS!ReadPVR_W+0xfa of Irfanview 4.57 allows attackers to cause a denial of service (DOS) via a crafted PVR file.

Source: CVE-2021-29358