CVE-2012-0684: Integer Overflow
First published: Wed May 09 2012(Updated: )
Integer overflow in XnViewer (aka XnView) before 1.98.5 allows remote attackers to execute arbitrary code via a crafted file containing PSD record types, a different vulnerability than CVE-2012-0685.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| XnView | <=1.98.4 | |
| XnView | =1.0-a | |
| XnView | =1.01 | |
| XnView | =1.02 | |
| XnView | =1.03 | |
| XnView | =1.04 | |
| XnView | =1.05 | |
| XnView | =1.05-b | |
| XnView | =1.05-c | |
| XnView | =1.06 | |
| XnView | =1.07 | |
| XnView | =1.08 | |
| XnView | =1.09 | |
| XnView | =1.10 | |
| XnView | =1.11 | |
| XnView | =1.12 | |
| XnView | =1.13 | |
| XnView | =1.14 | |
| XnView | =1.15 | |
| XnView | =1.16 | |
| XnView | =1.17 | |
| XnView | =1.17-a | |
| XnView | =1.18 | |
| XnView | =1.18.1 | |
| XnView | =1.19 | |
| XnView | =1.20 | |
| XnView | =1.21 | |
| XnView | =1.22 | |
| XnView | =1.23 | |
| XnView | =1.24 | |
| XnView | =1.25 | |
| XnView | =1.25-a | |
| XnView | =1.30 | |
| XnView | =1.31 | |
| XnView | =1.32 | |
| XnView | =1.33 | |
| XnView | =1.34 | |
| XnView | =1.35 | |
| XnView | =1.36 | |
| XnView | =1.37 | |
| XnView | =1.40 | |
| XnView | =1.41 | |
| XnView | =1.45 | |
| XnView | =1.46 | |
| XnView | =1.50 | |
| XnView | =1.50.1 | |
| XnView | =1.55 | |
| XnView | =1.60 | |
| XnView | =1.61 | |
| XnView | =1.65 | |
| XnView | =1.66 | |
| XnView | =1.67 | |
| XnView | =1.68 | |
| XnView | =1.68.1 | |
| XnView | =1.70 | |
| XnView | =1.70.2 | |
| XnView | =1.70.3 | |
| XnView | =1.70.4 | |
| XnView | =1.74 | |
| XnView | =1.80 | |
| XnView | =1.80.1 | |
| XnView | =1.80.2 | |
| XnView | =1.80.3 | |
| XnView | =1.82 | |
| XnView | =1.82.2 | |
| XnView | =1.82.3 | |
| XnView | =1.82.4 | |
| XnView | =1.90 | |
| XnView | =1.90.1 | |
| XnView | =1.90.3 | |
| XnView | =1.91 | |
| XnView | =1.91.1 | |
| XnView | =1.91.2 | |
| XnView | =1.91.3 | |
| XnView | =1.91.4 | |
| XnView | =1.91.5 | |
| XnView | =1.91.6 | |
| XnView | =1.92 | |
| XnView | =1.92.1 | |
| XnView | =1.93 | |
| XnView | =1.93.1 | |
| XnView | =1.93.2 | |
| XnView | =1.93.3 | |
| XnView | =1.93.4 | |
| XnView | =1.93.6 | |
| XnView | =1.94 | |
| XnView | =1.94.1 | |
| XnView | =1.94.2 | |
| XnView | =1.95 | |
| XnView | =1.95.1 | |
| XnView | =1.95.2 | |
| XnView | =1.95.3 | |
| XnView | =1.95.4 | |
| XnView | =1.96 | |
| XnView | =1.96.1 | |
| XnView | =1.96.2 | |
| XnView | =1.96.5 | |
| XnView | =1.97 | |
| XnView | =1.97.1 | |
| XnView | =1.97.2 | |
| XnView | =1.97.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2012-0684?
CVE-2012-0684 has been classified as a critical vulnerability due to its potential to allow remote attackers to execute arbitrary code.
How do I fix CVE-2012-0684?
To mitigate CVE-2012-0684, users should upgrade XnView to version 1.98.5 or later.
What versions of XnView are affected by CVE-2012-0684?
CVE-2012-0684 affects all versions of XnView prior to 1.98.5.
What type of vulnerability is CVE-2012-0684?
CVE-2012-0684 is an integer overflow vulnerability found in XnView.
Can CVE-2012-0684 be exploited through crafted files?
Yes, CVE-2012-0684 can be exploited by sending specially crafted files to the target application.
- agent/type
- agent/softwarecombine
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/remedy
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/xnview
- canonical/xnview
- version/xnview/1.98.4
- version/xnview/1.0-a
- version/xnview/1.01
- version/xnview/1.02
- version/xnview/1.03
- version/xnview/1.04
- version/xnview/1.05
- version/xnview/1.05-b
- version/xnview/1.05-c
- version/xnview/1.06
- version/xnview/1.07
- version/xnview/1.08
- version/xnview/1.09
- version/xnview/1.10
- version/xnview/1.11
- version/xnview/1.12
- version/xnview/1.13
- version/xnview/1.14
- version/xnview/1.15
- version/xnview/1.16
- version/xnview/1.17
- version/xnview/1.17-a
- version/xnview/1.18
- version/xnview/1.18.1
- version/xnview/1.19
- version/xnview/1.20
- version/xnview/1.21
- version/xnview/1.22
- version/xnview/1.23
- version/xnview/1.24
- version/xnview/1.25
- version/xnview/1.25-a
- version/xnview/1.30
- version/xnview/1.31
- version/xnview/1.32
- version/xnview/1.33
- version/xnview/1.34
- version/xnview/1.35
- version/xnview/1.36
- version/xnview/1.37
- version/xnview/1.40
- version/xnview/1.41
- version/xnview/1.45
- version/xnview/1.46
- version/xnview/1.50
- version/xnview/1.50.1
- version/xnview/1.55
- version/xnview/1.60
- version/xnview/1.61
- version/xnview/1.65
- version/xnview/1.66
- version/xnview/1.67
- version/xnview/1.68
- version/xnview/1.68.1
- version/xnview/1.70
- version/xnview/1.70.2
- version/xnview/1.70.3
- version/xnview/1.70.4
- version/xnview/1.74
- version/xnview/1.80
- version/xnview/1.80.1
- version/xnview/1.80.2
- version/xnview/1.80.3
- version/xnview/1.82
- version/xnview/1.82.2
- version/xnview/1.82.3
- version/xnview/1.82.4
- version/xnview/1.90
- version/xnview/1.90.1
- version/xnview/1.90.3
- version/xnview/1.91
- version/xnview/1.91.1
- version/xnview/1.91.2
- version/xnview/1.91.3
- version/xnview/1.91.4
- version/xnview/1.91.5
- version/xnview/1.91.6
- version/xnview/1.92
- version/xnview/1.92.1
- version/xnview/1.93
- version/xnview/1.93.1
- version/xnview/1.93.2
- version/xnview/1.93.3
- version/xnview/1.93.4
- version/xnview/1.93.6
- version/xnview/1.94
- version/xnview/1.94.1
- version/xnview/1.94.2
- version/xnview/1.95
- version/xnview/1.95.1
- version/xnview/1.95.2
- version/xnview/1.95.3
- version/xnview/1.95.4
- version/xnview/1.96
- version/xnview/1.96.1
- version/xnview/1.96.2
- version/xnview/1.96.5
- version/xnview/1.97
- version/xnview/1.97.1
- version/xnview/1.97.2
- version/xnview/1.97.4