First published: Thu Jan 02 2020(Updated: )
Heap-based buffer overflow in xnview.exe in XnView before 2.13 allows remote attackers to execute arbitrary code via the biBitCount field in a BMP file.
Credit: PSIRT-CNA@flexerasoftware.com
Affected Software | Affected Version | How to fix |
---|---|---|
Xnview Xnview | <2.13 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2013-3937 is a vulnerability that allows remote attackers to execute arbitrary code in XnView before version 2.13.
CVE-2013-3937 has a severity rating of 7.8 (high).
The affected software of CVE-2013-3937 is XnView before version 2.13.
To fix CVE-2013-3937, you should update XnView to version 2.13 or later.
Yes, you can refer to the following links for more information on CVE-2013-3937: [http://newsgroup.xnview.com/viewtopic.php?f=35&t=29087](http://newsgroup.xnview.com/viewtopic.php?f=35&t=29087) and [http://secunia.com/advisories/52101](http://secunia.com/advisories/52101).