Summary
This host has IrfanView with JPEG-2000 plugin installed and is prone to stack based buffer overflow vulnerability.
Impact
Successful exploitation will allow attackers to execute arbitrary code.
Impact Level: Application
Solution
Upgrade IrfanView JPEG-2000 Plugin version to 4.33 or later For updates refer to http://www.irfanview.com/plugins.htm
Insight
The flaw is due to an error in the JPEG2000 plug-in when processing the Quantization Default (QCD) marker segment. This can be exploited to cause a stack-based buffer overflow via a specially crafted JPEG2000 (JP2) file.
Affected
IrfanView JPEG-2000 Plugin version prior to 4.33
References
Severity
Classification
-
CVE CVE-2012-0897 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities