NotCVE - vendor:"Xnview" product:"Xnview" version:"2.13"

2 results (0.011 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2021-28835

https://notcve.org/view.php?id=CVE-2021-28835

Buffer Overflow vulnerability in XNView before 2.50, allows local attackers to execute arbitrary code via crafted GEM bitmap file. • https://newsgroup.xnview.com/viewtopic.php?f=35&t=44679 https://www.xnview.com/en/xnview/#changelog • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 0

CVE-2013-3938

https://notcve.org/view.php?id=CVE-2013-3938

Integer overflow in xnview.exe in XnView 2.13 allows remote attackers to execute arbitrary code via a large NUM_ELEMENTS field in an IFD_ENTRY structure in a JXR file, which triggers a heap-based buffer overflow. Desbordamiento de enteros en xnview.exe en XnView 2.13 permite a atacantes remotos ejecutar código arbitrario a través de un campo NUM_ELEMENTS grande en una estructura IFD_ENTRY en un archivo JXR, lo que provoca un desbordamiento de buffer basado en memoria dinámica. • http://secunia.com/advisories/56172 http://www.securityfocus.com/bid/66187 • CWE-189: Numeric Errors •