exploitDog

CVE-2013-3246

Опубликовано: 02 янв. 2020

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Низкий

Описание

Stack-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute arbitrary code via a crafted image layer in an XCF file.

Ссылки

http://www.fuzzmyapp.com/advisories/FMA-2013-003/FMA-2013-003-EN.xml
Exploit
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/84643
VDB Entry
http://www.fuzzmyapp.com/advisories/FMA-2013-003/FMA-2013-003-EN.xml
Exploit
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/84643
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:xnview:xnview:*:*:*:*:*:*:*:*

Версия до 2.03 (исключая)

EPSS

Процентиль: 82%

0.01652

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

GHSA-h9m8-w9xg-7744

github

почти 4 года назад

Stack-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute arbitrary code via a crafted image layer in an XCF file.

EPSS

Процентиль: 82%

0.01652

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-787