IrfanView FlashPix Plug-in Memory Corruption Vulnerability

Discussion in 'other security issues & news' started by ronjor, Jan 29, 2008.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,727
    Location:
    Texas
    Secunia
     
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    Hi,
    The latest version is 4.10... wouldn't this be a solution...?
    Mrk
     
  3. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,727
    Location:
    Texas
  4. Gizzy

    Gizzy Registered Member

    Joined:
    Oct 5, 2007
    Posts:
    149
    Location:
    NJ, USA
    Figures I just downloaded irfanview yesterday,

    since it's a plug-in that means it doesn't come with the main install of irfanview?

    and how do I find out if I have this plug-in?

    like I said I'm new to irfanview.
     
  5. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,727
    Location:
    Texas
    I would just sit tight, don't open untrusted flashpix files, and wait for an update.

    Just because a bughunter found a glitch doesn't mean you will immediately have problems.

    I'm sure the author will update the program asap.

    Irfanview has a forum as well. http://en.irfanview-forum.de/vb/

    If you look under Program Files, Irfanview, plugins, the .dll file will be listed as fpx.dll. You can right click on this .dll and select properties, and it will show you the version.

    You could also uninstall Irfanview and do a reinstall without the plugins.
     
    Last edited: Jan 29, 2008
  6. Gizzy

    Gizzy Registered Member

    Joined:
    Oct 5, 2007
    Posts:
    149
    Location:
    NJ, USA
    Thenks for the reply,

    I don't seem to have that plug-in installed which is fine since I never even see flash pix files.
     
Loading...
Thread Status:
Not open for further replies.