Denial of Service Vulnerability in IrfanView CADImage Plugin
CVE-2017-15737

7.8HIGH

Key Information:

Vendor

Irfanview
Status
Irfanview
Cadimage
Vendor
CVE Published:
22 October 2017

What is CVE-2017-15737?

The CADImage plugin for IrfanView version 12.0.0.5 is susceptible to a denial of service vulnerability. This is triggered when an attacker utilizes a specially crafted .dwg file, leading to a read access violation. This flaw may allow unauthorized users to disrupt the normal functionality of the application, raising significant concerns for users relying on this software.

References

https://github.com/wlinzi/security_advisories/tree/master...
x_refsource_MISC

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.