CVE-2024-11519
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Nov 22, 2024
Updated: Nov 26, 2024
CWE ID 119
CWE ID 787
Summary
CVE-2024-11519 is a remote code execution vulnerability affecting IrfanView, a popular image viewer application. The issue lies in the application's RLE (Rastlinje LZW) file parsing functionality. An attacker can exploit this vulnerability by supplying maliciously crafted RLE files. This results in memory corruption, allowing the attacker to execute arbitrary code on the affected system. User interaction is necessary for exploitation, as the target must open the malicious file or visit a specially crafted webpage.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share