Heap-Based Buffer Overflow in FlashPix PlugIn for IrfanView
CVE-2012-0278

Currently unrated

Key Information:

Vendor

Irfanview
Status
FlasHPix Plugin
Vendor
CVE Published:
18 April 2012

What is CVE-2012-0278?

The FlashPix PlugIn for IrfanView prior to version 4.3.4.0 is susceptible to a heap-based buffer overflow vulnerability. This could allow remote attackers to execute arbitrary code by sending a specially crafted FlashPix image (.fpx) file, which is mishandled by the plugin during the decompression process. Proper validation of image files is crucial to mitigate potential exploitation and ensure the software's security.

References

http://www.securityfocus.com/bid/53009
vdb-entryx_refsource_BID
http://www.protekresearchlab.com/index.php?option=com_con...
x_refsource_MISC
http://secunia.com/advisories/48772
third-party-advisoryx_refsource_SECUNIA

EPSS Score

39% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.