CVE-2012-0276: Buffer Overflow
First published: Tue Jul 17 2012(Updated: )
Multiple heap-based buffer overflows in XnView before 1.99 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a (1) SGI32LogLum compressed TIFF image or (2) SGI32LogLum compressed TIFF image with the PhotometricInterpretation encoding set to LogL.
Credit: PSIRT-CNA@flexerasoftware.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Xnview Xnview | <=1.98.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://newsgroup.xnview.com/viewtopic.php?f=35&t=25858
- http://secunia.com/advisories/48666
- http://www.exploit-db.com/exploits/19337
- http://www.exploit-db.com/exploits/19338
- http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=48
- http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=49
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/weakness
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/xnview
- canonical/xnview xnview
- version/xnview xnview/1.98.8