hi, any news on a fix for CVE-2023-24304 ?
Announcement
Collapse
No announcement yet.
Cve-2023-24304
Collapse
X
-
Irfanview v4.62 allows a user-mode write access violation via a crafted JPEG 2000 file starting at JPEG2000+0x0000000000001bf0.
Any news on a new Update?
CVE-2023-26974Last edited by stipe.soldo; 12.04.2023, 10:55 AM.
Comment
-
Last edited by Bhikkhu Pesala; 12.04.2023, 08:22 AM.Before you post ... Edit your profile • IrfanView 4.62 • Windows 10 Home 19045.2486
Irfan Paint • Irfan View Help • IrfanPaint Help • Riot.dll • More Skins • FastStone Capture • Uploads
Comment
-
FYI: IrfanView 4.62 is currently being detected as a vulnerability in Acronis:
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26974
cve.org/CVERecord?id=CVE-2023-26974
Reference: github.com/overXsky/IrfanviewPoc
Comment
-
Individual plugins are being updated between IrfanView releases.
Please check PlugIns updated after the version 4.62 section on the Plugins download page.
?My system: IrfanView 4.62 64bit, Windows 10 22H2, Intel Core i5-3570, 16GB RAM, NVidia GTX 1050Ti 4GB
Comment
-
Updated after version 4.62- JP2 (JPEG2000) PlugIn (4.62) - ZIP (32 bit) or ZIP (64 bit) - Loading errors fixed, thanks to overXsky (CVE-2023-26974)
Before you post ... Edit your profile • IrfanView 4.62 • Windows 10 Home 19045.2486
Irfan Paint • Irfan View Help • IrfanPaint Help • Riot.dll • More Skins • FastStone Capture • Uploads
- Likes 1
Comment
-
Originally posted by Bhikkhu Pesala View PostUpdated after version 4.62- JP2 (JPEG2000) PlugIn (4.62) - ZIP (32 bit) or ZIP (64 bit) - Loading errors fixed, thanks to overXsky (CVE-2023-26974)
However, please note that it will not be recognized by Windows Defender portal or Acronis until you have upgraded to IrfanView version 4.63 or higher.
?Last edited by stipe.soldo; 13.04.2023, 05:19 AM.
Comment
Comment