Ravens PHP Scripts

IrfanView FlashPix Plug-in Memory Corruption Vulnerability
Date: Tuesday, January 29, 2008 @ 18:12:21 CET
Topic: Security


SECUNIA ADVISORY ID: SA28688

VERIFY ADVISORY: http://secunia.com/advisories/28688/

CRITICAL: Highly critical

IMPACT: System access

SOFTWARE: IrfanView FlashPix Plug-In 3.x - http://secunia.com/product/17367/

DESCRIPTION: Marsu has discovered a vulnerability in the FlashPix plug-in for IrfanView, which potentially can be exploited by malicious people to compromise a vulnerable system. The vulnerability is confirmed in version 3.9.8.0 of fpx.dll. Other versions may also be affected.



The vulnerability is caused due to an error within the FlashPix plug-in (fpx.dll) when processing FlashPix (*.fpx) files. This can be exploited to cause a heap corruption by e.g. tricking a user into opening a specially crafted FlashPix file. Successful exploitation may allow the execution of arbitrary code.

SOLUTION: Do not open untrusted FlashPix (*.fpx) files.

PROVIDED AND/OR DISCOVERED BY: Marsu

ORIGINAL ADVISORY: http://milw0rm.com/exploits/4998






This article comes from Ravens PHP Scripts
http://www.ravenphpscripts.com

The URL for this story is:
http://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=3213