CNNVD-202507-2763 Information

Jul 21, 2025 cve

CNNVD ID

CNNVD-202507-2763

CVE-2025-7279

CNNVD Published: 2025-07-21

Description (Chinese)

IrfanView CADImage Plugin是IrfanView公司的一个CAD插件。 IrfanView CADImage Plugin存在缓冲区错误漏洞，该漏洞源于解析CGM文件时缺少对用户提供数据的验证，可能导致越界读取和执行任意代码。

Description (English)

IrfanView CADIMAGE Plugin is a CAD plugin for IrfanView. IrfanView CADImage Plugin had an error loophole in the buffer zone, which stemmed from the lack of validation of the data provided by users when deciphering the CGM file, which could lead to cross-border reading and enforcement of any code.

Hazard Level

Medium

Vulnerability Type

缓冲区错误

Affected Vendor

IrfanView

Published

2025-07-21

Last Modified

2026-02-24

References

https://www.zerodayinitiative.com/advisories/ZDI-25-527/

Patch

https://www.irfanview.com/

Share on: