CVE-2017-15242

Name of the Vulnerable Software and Affected Versions IrfanView version 4.44 (32bit) with PDF plugin version 4.43

Description The issue allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to a "User Mode Write AV starting at PDF!xmlGetGlobalState+0x0000000000031abe."

Recommendations For IrfanView version 4.44 (32bit) with PDF plugin version 4.43, consider avoiding the use of the PDF plugin until a patch is available. As a temporary workaround, refrain from opening untrusted .pdf files with the affected IrfanView version to minimize the risk of exploitation.