Memory Corruption in IrfanView CADImage Plugin Allows Remote Code Execution
CVE-2025-7285
7.8HIGH
What is CVE-2025-7285?
A vulnerability in the IrfanView CADImage Plugin allows remote attackers to exploit a flaw in DXF file parsing which can lead to memory corruption. By enticing users to visit a malicious page or open a harmful file, attackers can execute arbitrary code within the affected application. This issue arises due to inadequate validation of user-supplied data, leading to potential manipulation of the current process. Protect your installations and remain vigilant against this exploit.
Affected Version(s)
IrfanView 4.70.0.0