A graphic viewer installed on the remote host is affected by multiple vulnerabilities.
The remote Windows host contains a version of IrfanView prior to version 4.36. It is, therefore, reportedly affected by multiple vulnerabilities : - A heap-based buffer overflow vulnerability exists when parsing ANI images. An attacker can exploit this issue with a specially crafted ANI file, potentially leading to arbitrary code execution. - A flaw exists where DCX file headers are not properly sanitized, which could potentially lead to a denial of service. - An integer overflow vulnerability exists in the FlashPix Plugin (Fpx.dll) when handling sections of Summary Information Property sets, which could lead to arbitrary code execution.