CVE-2023-43250

Опубликовано: 18 окт. 2023

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

XNSoft Nconvert 7.136 is vulnerable to Buffer Overflow. There is a User Mode Write AV via a crafted image file. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.

Ссылки

http://packetstormsecurity.com/files/175145/XNSoft-Nconvert-7.136-Buffer-Overflow-Denial-Of-Service.html
Third Party Advisory
VDB Entry
http://seclists.org/fulldisclosure/2023/Oct/15
Exploit
Mailing List
Third Party Advisory
https://github.com/mrtouch93/exploits/tree/main/NConvert7.136/User%20Mode%20Write%20AV
Exploit
Third Party Advisory
https://www.xnview.com/en/nconvert/
Product
http://packetstormsecurity.com/files/175145/XNSoft-Nconvert-7.136-Buffer-Overflow-Denial-Of-Service.html
Third Party Advisory
VDB Entry
http://seclists.org/fulldisclosure/2023/Oct/15
Exploit
Mailing List
Third Party Advisory
https://github.com/mrtouch93/exploits/tree/main/NConvert7.136/User%20Mode%20Write%20AV
Exploit
Third Party Advisory
https://www.xnview.com/en/nconvert/
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:xnview:nconvert:7.136:*:*:*:*:*:*:*

EPSS

Процентиль: 39%

0.00176

Низкий

7.8 High

CVSS3

Дефекты

CWE-120

Связанные уязвимости

GHSA-57rr-j54c-gw9x