CNNVD-202507-2808 Information

Jul 21, 2025 cve

CNNVD ID

CNNVD-202507-2808

CVE-2025-7322

  • CNNVD Published: 2025-07-21

Description (Chinese)

IrfanView CADImage Plugin是IrfanView公司的一个CAD插件。 IrfanView CADImage Plugin存在缓冲区错误漏洞,该漏洞源于解析DWG文件时缺少对用户提供数据的验证,可能导致越界读取和远程代码执行。

Description (English)

IrfanView CADIMAGE Plugin is a CAD plugin for IrfanView. IrfanView CADImage Plugin has a buffer zone error loophole, which stems from the lack of validation of data provided by users when deciphering DWG files, which may lead to cross-border reading and remote code execution.

Hazard Level

Medium

Vulnerability Type

缓冲区错误

Affected Vendor

IrfanView

Published

2025-07-21

Last Modified

2026-02-24

References

https://www.zerodayinitiative.com/advisories/ZDI-25-569/

Patch

https://www.irfanview.com/

Share on: