Secunia: 25% of computers have vulnerable IrfanView installed
Secunia Research has discovered a vulnerability in IrfanView, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a boundary error when importing palette (*.pal) files. This can be exploited to cause a stack-based buffer overflow by tricking a user into importing a specially crafted palette (*.pal) file.
Successful exploitation allows execution of arbitrary code.
The vulnerability is confirmed in version 4.00. Other versions may also be affected.
Update to version 4.10.
25% of computers have vulnerable IrfanView installed - Blog - Secunia
Back to: PC Security, privacy news