CVE-2012-0278
Severity CVSS v4.0:
Pending analysis
Type:
CWE-119
Buffer Errors
Publication date:
18/04/2012
Last modified:
11/04/2025
Description
Heap-based buffer overflow in the FlashPix PlugIn before 4.3.4.0 for IrfanView might allow remote attackers to execute arbitrary code via a .fpx file containing a crafted FlashPix image that is not properly handled during decompression.
Impact
Base Score 2.0
9.30
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:irfanview:flashpix_plugin:*:*:*:*:*:*:*:* | 4.33 (including) | |
| cpe:2.3:a:irfanview:flashpix_plugin:4.32:*:*:*:*:*:*:* | ||
| cpe:2.3:a:irfanview:irfanview:*:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://secunia.com/advisories/48772
- http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=41&Itemid=41
- http://www.securityfocus.com/bid/53009
- http://secunia.com/advisories/48772
- http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=41&Itemid=41
- http://www.securityfocus.com/bid/53009