IrfanView Formats Plugin TTF File Buffer Overflow Vulnerability
High Nessus Plugin ID 59847
SynopsisThe remote host has an application installed that is affected by a buffer overflow vulnerability.
DescriptionThe version of the IrfanView Formats plugin (Formats.dll) was found to be less than 4.34. Such versions are affected by a stack-based buffer overflow caused by insufficient bounds checking when parsing TTF font names. An attacker could exploit this vulnerability to execute arbitrary code by tricking a user into opening a specially crafted .ttf file.
SolutionUpgrade the Formats plugin to version 22.214.171.124 (4.34) or higher.