CVE-2024-11551
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Nov 22, 2024
Updated: Nov 25, 2024
CWE ID 119
CWE ID 787
Summary
CVE-2024-11551 is a remote code execution vulnerability affecting IrfanView. This issue occurs during the parsing of DXF files and stems from insufficient data validation. An attacker can exploit this memory corruption flaw by tricking users into visiting a malicious page or opening a maliciously crafted file. Successful exploitation grants the adversary the ability to execute arbitrary code within the context of the targeted system. (ZDI-CAN-24749)
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share