2024-11-25
:
A critical vulnerability (CVE-2024-11525) exists in IrfanView that allows remote attackers to execute malicious code on a victim’s computer. This vulnerability affects how IrfanView parses DXF files. An attacker can exploit this by tricking a user into opening a specially crafted DXF file.
Vulnerability Details:
Platform: IrfanView
Version: All versions (unaffected versions not yet identified)
Vulnerability: DXF File Parsing Use-After-Free Remote Code Execution
Severity: Critical
Date: November 22, 2024 (discovered), November 25, 2024 (updated)
What Undercode Says:
This is a critical vulnerability that could allow attackers to take complete control of an affected system. Users of IrfanView should update to the latest version as soon as possible or avoid opening untrusted DXF files.
Additional Notes:
This vulnerability was reported by the Zero Day Initiative (ZDI).
There is no further information available about exploit code or affected versions at this time.
It is important to patch your software as soon as possible to mitigate this risk.
References:
Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com
Image Source:
OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.help