Lucene search

[email protected]CVE-2008-0493

HistoryJan 30, 2008 - 10:00 p.m.

CVE-2008-0493

2008-01-3022:00:00

CWE-119

[email protected]

web.nvd.nist.gov

flashpix plugin

irfanview 4.10

remote code execution

cve-2008-0493

fpx.dll

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

High

0.134 Low

EPSS

Percentile

95.6%

JSON

fpx.dll 3.9.8.0 in the FlashPix plugin for IrfanView 4.10 allows remote attackers to execute arbitrary code via a crafted FlashPix (.FPX) file, which triggers heap corruption. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

irfanviewirfanviewMatch4.10

CPENameOperatorVersion
irfanview:irfanviewirfanvieweq4.10

CPE	Name	Operator	Version
irfanview:irfanview	irfanview	eq	4.10

References

secunia.com/advisories/28688

www.securityfocus.com/bid/27479

www.vupen.com/english/advisories/2008/0318

exchange.xforce.ibmcloud.com/vulnerabilities/40012

www.exploit-db.com/exploits/4998

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

High

0.134 Low

EPSS

Percentile

95.6%

JSON

Related for CVE-2008-0493

cvelist1 nvd1 prion1