CVE-2012-0276
published 2012-07-17CVE-2012-0276: Multiple heap-based buffer overflows in XnView before 1.99 allow remote attackers to cause a denial of service (application crash) and possibly execute…
PriorityP339medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
8.32%
94.2th percentile
Multiple heap-based buffer overflows in XnView before 1.99 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a (1) SGI32LogLum compressed TIFF image or (2) SGI32LogLum compressed TIFF image with the PhotometricInterpretation encoding set to LogL.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| xnview | xnview | <= 1.98.8 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
XnView 1.98.8 - '.tiff' Image Processing Heap Overflow (1)
exploitdb·2012-06-22
CVE-2012-0276 XnView 1.98.8 - '.tiff' Image Processing Heap Overflow (1)
XnView 1.98.8 - '.tiff' Image Processing Heap Overflow (1)
---
#####################################################################################
Application: XnView TIFF Image Processing Heap Overflow
Platforms: Windows
Secunia: SA48666
{PRL}: 2012-16
Author: Francis Provencher (Protek Research Lab's)
Website: http://www.protekresearchlab.com/
Twitter: @ProtekResearch
#####################################################################################
1) Introduction
2) Report Timeline
3) Technical details
4) The Code
#####################################################################################
1) Introduction
XnView is a cross-platform image viewer used for viewing, converting, organising and editing graphical & video files.
It is free of charge for private, edu
Exploit-DB
XnView 1.98.8 - '.tiff' Image Processing Heap Overflow (2)
exploitdb·2012-06-22
CVE-2012-0276 XnView 1.98.8 - '.tiff' Image Processing Heap Overflow (2)
XnView 1.98.8 - '.tiff' Image Processing Heap Overflow (2)
---
#####################################################################################
Application: XnView TIFF Image Processing Heap Overflow
Platforms: Windows
Secunia: SA48666
{PRL}: 2012-15
Author: Francis Provencher (Protek Research Lab's)
Website: http://www.protekresearchlab.com/
Twitter: @ProtekResearch
#####################################################################################
1) Introduction
2) Report Timeline
3) Technical details
4) The Code
#####################################################################################
1) Introduction
XnView is a cross-platform image viewer used for viewing, converting, organising and editing graphical & video files.
It is free of charge for private, edu
No writeups or analysis indexed.
http://newsgroup.xnview.com/viewtopic.php?f=35&t=25858http://secunia.com/advisories/48666http://www.exploit-db.com/exploits/19337http://www.exploit-db.com/exploits/19338http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=48http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=49http://newsgroup.xnview.com/viewtopic.php?f=35&t=25858http://secunia.com/advisories/48666http://www.exploit-db.com/exploits/19337http://www.exploit-db.com/exploits/19338http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=48http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=49
2012-07-17
Published