IrfanView ImXCF.dll XCF File Handling Overflow
High Nessus Plugin ID 63303
SynopsisThe remote host has an application installed that is affected by a stack-based buffer overflow vulnerability.
DescriptionThe version of the XCF plugin (ImXCF.dll) for IrfanView is earlier than 22.214.171.1244. As such, it reportedly is affected by a stack-based buffer overflow caused by insufficient validation when processing XCF files. An attacker could exploit this vulnerability to execute arbitrary code by tricking a user into opening a specially crafted XCF file.
SolutionUpgrade the XCF plugin to version 126.96.36.1994 or later.