header-logo
Suggest Exploit
vendor:
XnView
by:
Not provided
7.5
CVSS
HIGH
Remote Heap-based Buffer Overflow
Not provided
CWE
Product Name: XnView
Affected Version From: Versions prior to XnView 1.97.5
Affected Version To: Not provided
Patch Exists: NO
Related CWE: Not provided
CPE: Not provided
Metasploit:
Other Scripts:
Platforms Tested: Not provided
Not provided

XnView Remote Heap-based Buffer Overflow Vulnerability

XnView is prone to a remote heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

Mitigation:

Not provided
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/40852/info

XnView is prone to a remote heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input.

Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

Versions prior to XnView 1.97.5 are vulnerable. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/34143.rar