Vulnerability Database

296,172

Total vulnerabilities in the database

CVE-2023-24304

Improper input validation in the PDF.dll plugin of IrfanView v4.60 allows attackers to execute arbitrary code via opening a crafted PDF file.

Published: Mar 28, 2023
Updated: Apr 14, 2023
CVE: CVE-2023-24304
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
irfanview / irfanview	4.60	4.60.x

https://www.sit.fraunhofer.de/CVE-2023-24304/