Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) with TOOLS Plugin 4.50

Arbitrary Code Execution and Denial of Service Vulnerability in IrfanView 4.44 (32bit) with TOOLS Plugin 4.50

CVE-2017-9920 · MEDIUM Severity

AV:L/AC:M/AU:N/C:P/I:P/A:P

IrfanView version 4.44 (32bit) with TOOLS Plugin 4.50 might allow attackers to cause a denial of service or execute arbitrary code via a crafted file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpResSearchResourceInsideDirectory+0x000000000000029e."

Learn more about our Web Application Penetration Testing UK.