CNNVD-202507-2740 Information

CNNVD ID

CNNVD-202507-2740

Related CVE

CVE-2025-7253

• CNNVD Published: 2025-07-21

Description (Chinese)

IrfanView CADImage Plugin是IrfanView公司的一个CAD插件。 IrfanView CADImage Plugin存在缓冲区错误漏洞，该漏洞源于解析DWG文件时缺乏对用户数据的验证，可能导致内存损坏和执行任意代码。

Description (English)

IrfanView CADIMAGE Plugin is a CAD plugin for IrfanView. IrfanView CADImage Plugin has an error loophole in the buffer zone, which stems from the lack of validation of user data when deciphering DWG files, which could lead to memory damage and the enforcement of arbitrary codes.

Hazard Level

Medium

Vulnerability Type

缓冲区错误

Affected Vendor

IrfanView

Published

2025-07-21

Last Modified

2026-02-24

References

https://www.zerodayinitiative.com/advisories/ZDI-25-493/

Patch

https://www.irfanview.com/