IrfanView FlashPix Plugin Heap Based Buffer Overflow
High Nessus Plugin ID 59848
SynopsisThe remote host has an application installed that is affected by a heap-based buffer overflow vulnerability.
DescriptionThe version of the IrfanView FlashPix plugin (Fpx.dll) was found to be less than 4.34. Such versions are affected by a heap-based buffer overflow vulnerability that can be triggered by tricking users into opening an .fpx file with a specially crafted FlashPix image that is not properly handled during decompression. Successful exploitation may allow arbitrary code to be executed on the affected host.
SolutionUpgrade the FlashPix plugin to version 184.108.40.206 (4.34) or higher.