Arbitrary Code Execution Vulnerability in IrfanView with FPX Plugin
CVE-2017-9535
7.8HIGH
What is CVE-2017-9535?
The IrfanView application version 4.44 (32bit) combined with the FPX Plugin version 4.46 is vulnerable to an issue that enables attackers to execute arbitrary code or lead to a denial of service through specially crafted .fpx files. This vulnerability is associated with a specific fault in the user mode, particularly at a location in the FPX code responsible for processing plugin information. Users should take caution and ensure their software is updated to mitigate risks associated with this security issue.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved