Design/Logic Flaw

2017-07-0520:29:00

PRIOn knowledge base

www.prio-n.com

8.2 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.8%

JSON

IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a “User Mode Write AV starting at FPX!FPX_GetScanDevicePropertyGroup+0x0000000000000f53.”

CPENameOperatorVersion
fpxeq4.46
irfanvieweq4.44

CPE	Name	Operator	Version
	fpx	eq	4.46
	irfanview	eq	4.44

References

www.irfanview.com/plugins.htm

github.com/wlinzi/security_advisories/tree/master/CVE-2017-9528