Learn about CVE-2017-15739, a vulnerability in IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allowing attackers to execute arbitrary code or disrupt the system via a crafted .dwg file.
A vulnerability in IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or disrupt the system by exploiting a specially crafted .dwg file.
Understanding CVE-2017-15739
This CVE identifies a security flaw in IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5.
What is CVE-2017-15739?
The vulnerability allows attackers to execute arbitrary code or cause a denial of service by manipulating data starting at CADIMAGE+0x00000000000042d5.
The Impact of CVE-2017-15739
Attackers can exploit this vulnerability to execute arbitrary code or disrupt the functioning of the affected software.
Technical Details of CVE-2017-15739
This section provides technical details of the CVE.
Vulnerability Description
An opportunity for attackers to execute arbitrary code or disrupt the functioning of IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 has been identified. This can be done by exploiting a specially crafted .dwg file. The issue is related to the manipulation of data starting at CADIMAGE+0x00000000000042d5, which affects the subsequent Write Address.
Affected Systems and Versions
Exploitation Mechanism
The vulnerability can be exploited by using a specially crafted .dwg file to manipulate data starting at CADIMAGE+0x00000000000042d5.
Mitigation and Prevention
Protect your system from CVE-2017-15739 with the following steps:
Immediate Steps to Take
Long-Term Security Practices
Patching and Updates