Name:
IrfanView.FlashPix.Plugin.Buffer.Overflow
Released Date:
Feb 4 2008
Severity:
critical
CVE:
2008-0493
Bugtraq:
27479

FortiGuard Center > Vulnerability Encyclopedia


In-Depth Analysis

Description
This indicates an attempt to exploit a buffer overflow vulnerability in the IrfanView FlashPix Plug-In.

The FlashPix plugin for IrfanView has a vulnerability which allows remote attackers to execute arbitrary code via a crafted FlashPix (.FPX) file, resulting in a heap based buffer overflow.
 
Impact
System Compromise: remote attackers can gain control of vulnerable systems.
 
Affected Products
IrfanView FlashPix Plug-In v3.9.8.0 or prior.
Aliases
IrfanView.FlashPix.Plugin.Buffer.Overflow
References
http://www.securityfocus.com/bid/27479
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0493
http://graphcomp.com/info/specs/livepicture/fpx.pdf
Recommended Actions
Do not open untrusted fpx files.

 
 
SITE MAP  |  LEGAL NOTICES

      © 2003 FORTINET INC. ALL RIGHTS RESERVED