CVE-2008-0064

Опубликовано: 31 янв. 2008

Источник: nvd

CVSS2: 9.3

EPSS Низкий

Описание

Stack-based buffer overflow in Pierre-emmanuel Gougelet (1) XnView 1.91 and 1.92, (2) NConvert 4.85, and (3) libgfl280.dll in GFL SDK 2.870 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted Radiance RGBE (.hdr) file.

Ссылки

http://secunia.com/advisories/28326
Patch
Vendor Advisory
http://secunia.com/advisories/28710
Vendor Advisory
http://secunia.com/secunia_research/2008-1/advisory
Vendor Advisory
http://www.securityfocus.com/bid/27514
http://www.vupen.com/english/advisories/2008/0328
http://www.vupen.com/english/advisories/2008/0329
http://secunia.com/advisories/28326
Patch
Vendor Advisory
http://secunia.com/advisories/28710
Vendor Advisory
http://secunia.com/secunia_research/2008-1/advisory
Vendor Advisory
http://www.securityfocus.com/bid/27514
http://www.vupen.com/english/advisories/2008/0328
http://www.vupen.com/english/advisories/2008/0329

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:pierreegougelet:gfl_sdk:2.870:*:windows:*:*:*:*:*

cpe:2.3:a:pierreegougelet:nconvert:*:*:*:*:*:*:*:*

Версия до 4.85 (включая)

cpe:2.3:a:pierreegougelet:xnview:*:*:*:*:*:*:*:*

Версия до 1.91 (включая)

cpe:2.3:a:pierreegougelet:xnview:*:*:*:*:*:*:*:*

Версия до 1.92 (включая)

EPSS

Процентиль: 91%

0.06939

Низкий

9.3 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-5qqv-mgw2-xhfq

github

почти 4 года назад