The security researcher Francis Provencher discovered a critical security hole in a plug-in for the much-used image viewer and image editor Irfan View, who did not make it public but disclosed it as confidential Secunia reported.

IrfanView FlashPix Plugin Image Decompression Buffer Overflow

That is affected FlashPix plugin because an attacker could infect the system with malicious code through a buffer overflow.
It is sufficient to open an appropriately prepared picture in FlashPix format in IrfanView. Even if it is a less used format, there is still a risk. The security gap was discovered in version 4.3.2.0, but the previous versions can also be affected.

The security gap in the IrfanView plugins has been fixed with version 4.3.3.0

An update should be carried out as the security vulnerability is now public.
Our download has been updated accordingly and brought up to date with version 4.3.3.0 from March 28.03.2012, XNUMX.

To download the IrfanView plugins

.