Published: 18/04/2012 Updated: 15/02/2013

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Heap-based buffer overflow in the FlashPix PlugIn prior to 4.3.4.0 for IrfanView might allow remote malicious users to execute arbitrary code via a .fpx file containing a crafted FlashPix image that is not properly handled during decompression.

Vulnerable Product	Search on Vulmon	Subscribe to Product
irfanview flashpix_plugin
irfanview flashpix_plugin 4.32

##################################################################################### Application: IrfanView FlashPix PlugIn Decompression Heap Overflow Platforms: Windows Secunia Number: SA48772 {PRL}: 2012-08 Author: Francis Provencher (Protek Research Lab's) Website: wwwprotekresearchlabcom/ Twitter: @ProtekResearc ...

CWE-119 http://secunia.com/advisories/48772 http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=41&Itemid=41 http://www.securityfocus.com/bid/53009 https://nvd.nist.gov https://www.exploit-db.com/exploits/18739/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-0278

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect