IrfanView < 4.36 Multiple Vulnerabilities

high Nessus Plugin ID 68888

Synopsis

A graphic viewer installed on the remote host is affected by multiple vulnerabilities.

Description

The remote Windows host contains a version of IrfanView prior to version 4.36. It is, therefore, reportedly affected by multiple vulnerabilities :

- A heap-based buffer overflow vulnerability exists when parsing ANI images. An attacker can exploit this issue with a specially crafted ANI file, potentially leading to arbitrary code execution.

- A flaw exists where DCX file headers are not properly sanitized, which could potentially lead to a denial of service.

- An integer overflow vulnerability exists in the FlashPix Plugin (Fpx.dll) when handling sections of Summary Information Property sets, which could lead to arbitrary code execution.

Solution

Upgrade to IrfanView version 4.36 or later.

See Also

https://www.irfanview.com/main_history.htm

https://www.irfanview.com/history_old.htm

http://www.fuzzmyapp.com/advisories/FMA-2013-008/FMA-2013-008-EN.xml

http://www.fuzzmyapp.com/advisories/FMA-2012-028/FMA-2012-028-EN.xml

https://secuniaresearch.flexerasoftware.com//advisories/53579/

Plugin Details

Severity: High

ID: 68888

File Name: irfanview_436.nasl

Version: 1.3

Type: local

Agent: windows

Family: Windows

Published: 7/15/2013

Updated: 11/15/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.5

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:irfanview:irfanview

Required KB Items: SMB/IrfanView/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 5/30/2013

Vulnerability Publication Date: 5/27/2013

Reference Information

CVE: CVE-2013-3486

BID: 61000