The host is installed with IrfanView 4.53 and is prone to an User mode write AV vulnerability. A flaw is present in the application, which fails to handle a crafter JPEG_LS file. Successful exploitation could allow attackers to use data from faulting address to control code flow.