CVE-2025-7244

Name of the Vulnerable Software and Affected Versions IrfanView CADImage Plugin versions (affected versions not specified)

Description This issue involves a memory corruption flaw in the DWG file parsing component of the IrfanView CADImage Plugin. Exploitation of this flaw could allow a remote attacker to execute arbitrary code within the context of the current process. User interaction is required, specifically, the target must open a malicious file or visit a malicious page. The root cause is insufficient validation of user-supplied data during DWG file parsing, leading to a memory corruption condition.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.