Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
CPE Name: cpe:2.3:a:xnview:xnview:1.99:*:*:*:*:*:*:*
Informations
Vendor
xnviewProduct
xnviewVersion
1.99Related CVE
| CVE ID | Publié | Description | Score | Gravité |
|---|---|---|---|---|
| Buffer Overflow vulnerability in XNView before 2.50, allows local attackers to execute arbitrary code via crafted GEM bitmap file. | 7.8 |
Haute |
||
| Stack-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute arbitrary code via a crafted image layer in an XCF file. | 7.8 |
Haute |
||
| Heap-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute arbitrary code via a crafted RLE compressed layer in an XCF file. | 7.8 |
Haute |
||
| Heap-based buffer overflow in xnview.exe in XnView before 2.13 allows remote attackers to execute arbitrary code via the biBitCount field in a BMP file. | 7.8 |
Haute |
||
| xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB files, which allows remote attackers to execute arbitrary code via the RLE strip size field in a RGB file, which leads to an unexpected sign extension error and a heap-based buffer overflow. | 7.8 |
Haute |
||
| Xjp2.dll in XnView before 2.13 allows remote attackers to execute arbitrary code via (1) the Csiz parameter in a SIZ marker, which triggers an incorrect memory allocation, or (2) the lqcd field in a QCD marker in a crafted JPEG2000 file, which leads to a heap-based buffer overflow. | 9.8 |
Critique |
||
| Heap-based buffer overflow in the xjpegls.dll (aka JLS, JPEG-LS, or JPEG lossless) format plugin in XnView 1.99 and 1.99.1 allows remote attackers to execute arbitrary code via a crafted JLS image file. | 9.3 |
|||
| Buffer overflow in XnView before 2.04 allows remote attackers to execute arbitrary code via a crafted PCT file. | 9.3 |
2025©
tesweb SA
