exploitDog

GHSA-7wcg-hrgc-r929

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.8

Описание

IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x0000700b00260112 called from CADIMAGE+0x00000000003d35ad."

IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x0000700b00260112 called from CADIMAGE+0x00000000003d35ad."

Ссылки

EPSS

Процентиль: 53%

0.00298

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-119

Связанные уязвимости

CVE-2017-15747

CVSS3: 7.8

nvd

больше 8 лет назад

IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x0000700b00260112 called from CADIMAGE+0x00000000003d35ad."

EPSS

Процентиль: 53%

0.00298

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-119