CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS
Percentile
71.0%
The version of the IrfanView FlashPix plugin (Fpx.dll) was found to be earlier than 4.36. As such, it is affected by an integer overflow error within the ‘Fpx.dll’ module. The ‘Summary Information Property Set’ is not properly validated, which could result in a heap-based buffer overflow, allowing an attacker to cause a denial of service or execute arbitrary code.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(66784);
script_version("1.3");
script_cvs_date("Date: 2018/11/15 20:50:27");
script_cve_id("CVE-2013-3486");
script_bugtraq_id(60232);
script_name(english:"IrfanView FlashPix Plugin < 4.36 Summary Information Property Set Handling Integer Overflow");
script_summary(english:"Checks version of Fpx.dll");
script_set_attribute(
attribute:"synopsis",
value:
"The remote host has an application installed that is affected by a
buffer overflow vulnerability."
);
script_set_attribute(
attribute:"description",
value:
"The version of the IrfanView FlashPix plugin (Fpx.dll) was found to be
earlier than 4.36. As such, it is affected by an integer overflow error
within the 'Fpx.dll' module. The 'Summary Information Property Set' is
not properly validated, which could result in a heap-based buffer
overflow, allowing an attacker to cause a denial of service or execute
arbitrary code."
);
script_set_attribute(attribute:"see_also", value:"https://www.irfanview.com/plugins.htm");
script_set_attribute(attribute:"solution", value:"Upgrade the FlashPix plugin to version 4.3.6.0 (4.36) or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2013/05/30");
script_set_attribute(attribute:"patch_publication_date", value:"2013/05/30");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/06/04");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:irfanview:irfanview");
script_set_attribute(attribute:"cpe", value:"cpe:/a:irfanview:flashpix_plugin");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.");
script_dependencies("irfanview_installed.nasl");
script_require_keys("SMB/IrfanView/Version");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
plugin = "Fpx.dll";
fix = '4.3.6.0';
kb_base = 'SMB/IrfanView/';
appname = "IrfanView " + plugin + " plugin";
path = get_kb_item_or_exit(kb_base + 'Path');
path += "\Plugins\" + plugin;
plugin_version = get_kb_item_or_exit(kb_base + 'Plugin_Version/' + plugin);
port = get_kb_item('SMB/transport');
if (!port) port = 445;
if (ver_compare(ver:plugin_version, fix:fix) == -1)
{
if (report_verbosity > 0)
{
report =
'\n Path : ' + path +
'\n Installed version : ' + plugin_version +
'\n Fixed version : ' + fix + ' (4.36)\n';
security_hole(port:port, extra:report);
}
else security_hole(port);
exit(0);
}
else audit(AUDIT_INST_VER_NOT_VULN, appname, plugin_version);
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS
Percentile
71.0%