IrfanView Plugin Vulnerability - 20240722001¶
Overview¶
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of WSQ files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
What is vulnerable?¶
| Product(s) Affected | CVE | Severity | CVSS |
|---|---|---|---|
| WSQ Plugin (all versions before 2024.6.30) | CVE-2023-6811 | High | 7.2 |
Recommendation¶
The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe (refer Patch Management):
- IrfanView Plugins: https://www.irfanview.com/plugins.htm
Additional References¶
- Zero Day Initiative: https://www.zerodayinitiative.com/advisories/ZDI-24-903/