Page 29 of 159 results (0.020 seconds)

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpInsertFreeBlock+0x00000000000001ca." XnView Classic para Windows versión 2.40, podría permitir a los atacantes causar una denegación de servicio o posiblemente tener otro impacto no especificado por medio de un archivo .rle creado, relacionado a "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpInsertFreeBlock+0x00000000000001ca". • https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10768 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 0

Integer overflow in xnview.exe in XnView 2.13 allows remote attackers to execute arbitrary code via a large NUM_ELEMENTS field in an IFD_ENTRY structure in a JXR file, which triggers a heap-based buffer overflow. Desbordamiento de enteros en xnview.exe en XnView 2.13 permite a atacantes remotos ejecutar código arbitrario a través de un campo NUM_ELEMENTS grande en una estructura IFD_ENTRY en un archivo JXR, lo que provoca un desbordamiento de buffer basado en memoria dinámica. • http://secunia.com/advisories/56172 http://www.securityfocus.com/bid/66187 • CWE-189: Numeric Errors •

CVSS: 9.3EPSS: 13%CPEs: 117EXPL: 4

Buffer overflow in XnView before 2.04 allows remote attackers to execute arbitrary code via a crafted PCT file. Desbordamiento de búfer en XnView anterior a v2.04 permite a atacantes remotos ejecutar código arbitrario a través de un archivo PCT manipulado. • https://www.exploit-db.com/exploits/27049 http://archives.neohapsis.com/archives/bugtraq/2013-07/0153.html http://newsgroup.xnview.com/viewtopic.php?f=35&t=28400 http://osvdb.org/95580 http://secunia.com/advisories/54174 http://www.coresecurity.com/advisories/xnview-buffer-overflow-vulnerability http://www.exploit-db.com/exploits/27049 http://www.securitytracker.com/id/1028817 https://exchange.xforce.ibmcloud.com/vulnerabilities/85919 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 14%CPEs: 2EXPL: 1

Heap-based buffer overflow in the xjpegls.dll (aka JLS, JPEG-LS, or JPEG lossless) format plugin in XnView 1.99 and 1.99.1 allows remote attackers to execute arbitrary code via a crafted JLS image file. Desbordamiento de buffer basado en memoria dinámica en el plugin de formato xjpegls.dll (también conocido como JLS, JPEG-LS o JPEG lossless) en XnView 1.99 y 1.99.1 permite a atacantes remotos ejecutar código arbitrario a través de un fichero de imagen JLS manipulado. • https://www.exploit-db.com/exploits/21741 http://osvdb.org/show/osvdb/85893 http://seclists.org/fulldisclosure/2012/Oct/36 http://secunia.com/advisories/50825 http://www.reactionpenetrationtesting.co.uk/xnview-jls-heap.html http://www.securityfocus.com/bid/55787 https://exchange.xforce.ibmcloud.com/vulnerabilities/79030 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 15%CPEs: 1EXPL: 4

Multiple heap-based buffer overflows in XnView before 1.99 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a (1) SGI32LogLum compressed TIFF image or (2) SGI32LogLum compressed TIFF image with the PhotometricInterpretation encoding set to LogL. Múltiples desbordamientos de buffer de memoria dinámica en XnView anterior a v1.99 permite a los atacantes remotos causar una denegación de servicio (caída de aplicación) y posiblemente ejecutar código arbitrario a través de un (1) imagen SGI32LogLum TIFF comprimido o (2) SGI32LogLum imagen TIFF comprimido con el conjunto de codificación photometricinterpretation a logL. • https://www.exploit-db.com/exploits/19337 https://www.exploit-db.com/exploits/19338 http://newsgroup.xnview.com/viewtopic.php?f=35&t=25858 http://secunia.com/advisories/48666 http://www.exploit-db.com/exploits/19337 http://www.exploit-db.com/exploits/19338 http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=48 http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=49 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •