CVE-2008-1461
published 2008-03-24CVE-2008-1461: Buffer overflow in XnView 1.92.1 allows user-assisted remote attackers to execute arbitrary code via a long filename argument on the command line. NOTE: it is…
PriorityP339high7.6CVSS 2.0
AVNACHAuNCCICAC
EXPLOIT
EPSS
11.29%
95.4th percentile
Buffer overflow in XnView 1.92.1 allows user-assisted remote attackers to execute arbitrary code via a long filename argument on the command line. NOTE: it is unclear whether there are common handler configurations in which this argument is controlled by an attacker.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| pierreegougelet | xnview | <= 1.92 | — |
| pierreegougelet | xnview | <= 1.92.1 | — |
| xnview | xnview | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-79xw-qr84-hjp2: Buffer overflow in XnView 1
ghsa_unreviewed·2022-05-01
CVE-2008-1461 [HIGH] CWE-119 GHSA-79xw-qr84-hjp2: Buffer overflow in XnView 1
Buffer overflow in XnView 1.92.1 allows user-assisted remote attackers to execute arbitrary code via a long filename argument on the command line. NOTE: it is unclear whether there are common handler configurations in which this argument is controlled by an attacker.
GHSA
GHSA-mhx2-327m-cwjh: Stack-based buffer overflow in XnView 1
ghsa_unreviewed·2022-05-01·CVSS 7.6
CVE-2008-0069 [HIGH] CWE-119 GHSA-mhx2-327m-cwjh: Stack-based buffer overflow in XnView 1
Stack-based buffer overflow in XnView 1.92 and 1.92.1 allows user-assisted remote attackers to execute arbitrary code via a long FontName parameter in a slideshow (.sld) file, a different vector than CVE-2008-1461.
No detection rules found.
No writeups or analysis indexed.
http://securityreason.com/securityalert/3761http://www.click-internet.fr/index.php?cki=News&news=9http://www.securityfocus.com/archive/1/489658/100/0/threadedhttp://www.securityfocus.com/bid/28259https://exchange.xforce.ibmcloud.com/vulnerabilities/41245http://securityreason.com/securityalert/3761http://www.click-internet.fr/index.php?cki=News&news=9http://www.securityfocus.com/archive/1/489658/100/0/threadedhttp://www.securityfocus.com/bid/28259https://exchange.xforce.ibmcloud.com/vulnerabilities/41245
2008-03-24
Published