Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
XnView Multiple Buffer Overflow Vulnerabilities - Mar12 (Windows)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
This host has XnView installed and is prone to multiple heap based buffer overflow vulnerabilities. Vulnerabilities Insight: The flaws are due to - A signedness error in the FlashPix plugin (Xfpx.dll) when validating buffer sizes to process image's content. - An error when processing image data within Personal Computer eXchange (PCX) files. - A boundary error when parsing a directory, which allows attackers to cause a buffer overflow when browsing folder from an extracted archive file.
Affected Software
Affected Software
XnView versions 1.98.5 and prior on windows
Solution
Solution
Update to XnView version 1.98.8 or later.