IrfanView FlashPix Plugin < 4.36 Summary Information Property Set Handling Integer Overflow
High Nessus Plugin ID 66784
SynopsisThe remote host has an application installed that is affected by a buffer overflow vulnerability.
DescriptionThe version of the IrfanView FlashPix plugin (Fpx.dll) was found to be earlier than 4.36. As such, it is affected by an integer overflow error within the 'Fpx.dll' module. The 'Summary Information Property Set' is not properly validated, which could result in a heap-based buffer overflow, allowing an attacker to cause a denial of service or execute arbitrary code.
SolutionUpgrade the FlashPix plugin to version 184.108.40.206 (4.36) or later.