vendor:
IrfanView
by:
BraniX
7.5
CVSS
HIGH
Denial of Service
399
CWE
Product Name: IrfanView
Affected Version From: 4.28
Affected Version To: 4.28
Patch Exists: NO
Related CWE:
CPE: a:irfanview:irfanview:4.28
Platforms Tested: Windows XP SP3 Home Edition, Windows XP SP3 Professional
2011
IrfanView 4.28 DoS Vulnerability
The DoS vulnerability in IrfanView 4.28 is caused by a not handled Access Violation Exception in the module i_view32.exe. It can be triggered by opening a malicious ICO file.
Mitigation:
Update to a patched version of IrfanView.
