CNNVD-202507-2764 Information
Jul 21, 2025
cve
CNNVD ID
CNNVD-202507-2764
Related CVE
- CNNVD Published: 2025-07-21
Description (Chinese)
IrfanView CADImage Plugin是IrfanView公司的一个CAD插件。 IrfanView CADImage Plugin存在缓冲区错误漏洞,该漏洞源于解析DWG文件时缺少对用户提供数据的验证,可能导致内存损坏和执行任意代码。
Description (English)
IrfanView CADIMAGE Plugin is a CAD plugin for IrfanView. IrfanView CADImage Plugin had an error loophole in the buffer zone, which stemmed from the lack of validation of data provided by users when deciphering DWG files, which could lead to memory damage and the implementation of any code.
Hazard Level
Medium
Vulnerability Type
缓冲区错误
Affected Vendor
IrfanView
Published
2025-07-21
Last Modified
2026-02-24
References
https://www.zerodayinitiative.com/advisories/ZDI-25-524/