CVE-2008-0064
published 2008-01-31CVE-2008-0064: Stack-based buffer overflow in Pierre-emmanuel Gougelet (1) XnView 1.91 and 1.92, (2) NConvert 4.85, and (3) libgfl280.dll in GFL SDK 2.870 for Windows allows…
PriorityP334critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
4.61%
90.5th percentile
Stack-based buffer overflow in Pierre-emmanuel Gougelet (1) XnView 1.91 and 1.92, (2) NConvert 4.85, and (3) libgfl280.dll in GFL SDK 2.870 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted Radiance RGBE (.hdr) file.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| pierreegougelet | gfl_sdk | — | — |
| pierreegougelet | nconvert | <= 4.85 | — |
| pierreegougelet | xnview | <= 1.91 | — |
| pierreegougelet | xnview | <= 1.92 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
http://secunia.com/advisories/28326http://secunia.com/advisories/28710http://secunia.com/secunia_research/2008-1/advisoryhttp://www.securityfocus.com/bid/27514http://www.vupen.com/english/advisories/2008/0328http://www.vupen.com/english/advisories/2008/0329http://secunia.com/advisories/28326http://secunia.com/advisories/28710http://secunia.com/secunia_research/2008-1/advisoryhttp://www.securityfocus.com/bid/27514http://www.vupen.com/english/advisories/2008/0328http://www.vupen.com/english/advisories/2008/0329
2008-01-31
Published