CVE-2017-15738 : Security Advisory and Response
Discover the impact of CVE-2017-15738 on IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5. Learn about the denial of service risk and how to mitigate it.
CVE-2017-15738 was published on October 22, 2017, and involves a vulnerability in IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 that could result in a denial of service or other consequences when encountering a manipulated .dwg file.
Understanding CVE-2017-15738
This CVE entry highlights a potential security issue in IrfanView and the CADImage plugin that could be exploited by attackers.
What is CVE-2017-15738?
The vulnerability in IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 may lead to a denial of service or unknown consequences when a specifically manipulated .dwg file is encountered.
The Impact of CVE-2017-15738
The presence of this vulnerability could result in a denial of service or other unspecified impacts when the affected software processes a crafted .dwg file.
Technical Details of CVE-2017-15738
This section provides more technical insights into the vulnerability.
Vulnerability Description
The issue arises from a "Read Access Violation" starting at CADIMAGE+0x00000000003d22d8 when processing a manipulated .dwg file.
Affected Systems and Versions
- Product: IrfanView 4.50 - 64bit
- Plugin Version: CADImage plugin version 12.0.0.5
Exploitation Mechanism
The vulnerability can be exploited by providing a specifically manipulated .dwg file to the affected software, triggering the