CNNVD-202507-2802 Information

CNNVD ID

CNNVD-202507-2802

Related CVE

CVE-2025-7315

• CNNVD Published: 2025-07-21

Description (Chinese)

IrfanView CADImage Plugin是IrfanView公司的一个CAD插件。 IrfanView CADImage Plugin存在缓冲区错误漏洞，该漏洞源于解析DWG文件时缺少对用户提供数据的验证，可能导致内存损坏和远程代码执行。

Description (English)

IrfanView CADIMAGE Plugin is a CAD plugin for IrfanView. IrfanView CADImage Plugin has an error loophole in the buffer zone, resulting from the lack of validation of data provided by users when deciphering DWG files, which may lead to memory damage and remote code execution.

Hazard Level

Medium

Vulnerability Type

缓冲区错误

Affected Vendor

IrfanView

Published

2025-07-21

Last Modified

2026-02-24

References

https://www.zerodayinitiative.com/advisories/ZDI-25-562/

Patch

https://www.irfanview.com/