CVE-2024-9261
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2024-9261 is a stack-based buffer overflow vulnerability affecting IrfanView's SID file parsing functionality. This issue permits remote code execution, making it a significant security concern. The flaw arises due to insufficient validation of user-supplied data, leading to the copying of unchecked data to a stack-based buffer. An attacker can exploit this vulnerability by compelling the target to visit a malicious webpage or open a malicious file. Successful exploitation grants the attacker the ability to execute arbitrary code within the IrfanView process. (ZDI-CAN-23283)
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.