A vulnerability in the IrfanView FlashPix plugin exists due to the "Free_All_Memory()" function not properly setting certain decoder elements to NULL after freeing them, which can be exploited to cause a double-free condition via specially crafted FPX images. Proof of concept exploit included.
A vulnerability in the IrfanView FlashPix plugin exists due to the "Free_All_Memory()" function not properly setting certain decoder elements to NULL after freeing them, which can be exploited to cause a double-free condition via specially crafted FPX images. Proof of concept exploit included.