Summary
This host has XnView installed and is prone to multiple integer overflow vulnerabilities.
Vulnerabilities Insight:
The flaws are due to integer overflow errors within the parsing of PSD record types and can be exploited to cause buffer overflows via a specially crafted PSD image.
Impact
Successful exploitation will allow attackers to execute arbitrary code on the system or cause a denial of service condition.
Impact Level: System/Application
Solution
Update to XnView version 1.98.5 or later,
For updates refer to http://www.xnview.com/
Affected
XnView versions 1.98.2 and prior on windows
References
Severity
Classification
-
CVE CVE-2012-0684, CVE-2012-0685 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Reader 'XFDF' File Buffer Overflow Vulnerability (Windows)
- Attachmate Reflection FTP Client LIST Command Remote Heap Buffer Overflow Vulnerability
- ActiveFax RAW Server Multiple Buffer Overflow Vulnerabilities
- Adobe Reader 'XFDF' File Buffer Overflow Vulnerability (Mac OS X)
- Alleycode HTML Editor Buffer Overflow Vulnerabilities