2024-11-22
:
IrfanView, a popular image viewer, is affected by a high-severity vulnerability (CVE-2024-11520) that could allow remote attackers to execute arbitrary code on vulnerable installations. The vulnerability stems from improper validation of user-supplied data in the parsing of ARW files, leading to a potential buffer overflow. Successful exploitation requires user interaction, such as visiting a malicious website or opening a malicious file.
Form:
Platform: IrfanView
Version: Affected versions prior to 4.70
Vulnerability: Remote Code Execution
Severity: High
Date: 2024
What Undercode Says:
IrfanView, a widely-used image viewer, has been found to be vulnerable to a critical remote code execution vulnerability. This vulnerability, tracked as CVE-2024-11520, could allow attackers to compromise systems by enticing users to open malicious ARW files. It’s imperative for users to update to the latest version of IrfanView (4.70 or later) to mitigate this risk. This vulnerability highlights the importance of keeping software up-to-date and exercising caution when opening files from untrusted sources.
References:
Reported By: Zerodayinitiative.com
Undercode AI: https://ai.undercodetesting.com
Image Source:
OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.help