Lucene search
HistoryMar 15, 2010 - 1:28 p.m.
CVE-2009-4001
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.8 High
AI Score
Confidence
Low
0.068 Low
EPSS
Percentile
93.9%
Integer overflow in XnView before 1.97.2 might allow remote attackers to execute arbitrary code via a DICOM image with crafted dimensions, leading to a heap-based buffer overflow.
Affected configurations
Node
xnviewxnviewRange≤1.97.1
ORxnviewxnviewMatch1.0a
ORxnviewxnviewMatch1.01
ORxnviewxnviewMatch1.02
ORxnviewxnviewMatch1.03
ORxnviewxnviewMatch1.04
ORxnviewxnviewMatch1.05
ORxnviewxnviewMatch1.05b
ORxnviewxnviewMatch1.05c
ORxnviewxnviewMatch1.06
ORxnviewxnviewMatch1.07
ORxnviewxnviewMatch1.08
ORxnviewxnviewMatch1.09
ORxnviewxnviewMatch1.10
ORxnviewxnviewMatch1.11
ORxnviewxnviewMatch1.12
ORxnviewxnviewMatch1.13
ORxnviewxnviewMatch1.14
ORxnviewxnviewMatch1.15
ORxnviewxnviewMatch1.16
ORxnviewxnviewMatch1.17
ORxnviewxnviewMatch1.17a
ORxnviewxnviewMatch1.18
ORxnviewxnviewMatch1.18.1
ORxnviewxnviewMatch1.19
ORxnviewxnviewMatch1.20
ORxnviewxnviewMatch1.21
ORxnviewxnviewMatch1.22
ORxnviewxnviewMatch1.23
ORxnviewxnviewMatch1.24
ORxnviewxnviewMatch1.25
ORxnviewxnviewMatch1.25a
ORxnviewxnviewMatch1.30
ORxnviewxnviewMatch1.31
ORxnviewxnviewMatch1.32
ORxnviewxnviewMatch1.33
ORxnviewxnviewMatch1.34
ORxnviewxnviewMatch1.35
ORxnviewxnviewMatch1.36
ORxnviewxnviewMatch1.37
ORxnviewxnviewMatch1.40
ORxnviewxnviewMatch1.41
ORxnviewxnviewMatch1.45
ORxnviewxnviewMatch1.46
ORxnviewxnviewMatch1.50
ORxnviewxnviewMatch1.50.1
ORxnviewxnviewMatch1.55
ORxnviewxnviewMatch1.60
ORxnviewxnviewMatch1.61
ORxnviewxnviewMatch1.65
ORxnviewxnviewMatch1.66
ORxnviewxnviewMatch1.67
ORxnviewxnviewMatch1.68
ORxnviewxnviewMatch1.68.1
ORxnviewxnviewMatch1.70
ORxnviewxnviewMatch1.70.2
ORxnviewxnviewMatch1.70.3
ORxnviewxnviewMatch1.70.4
ORxnviewxnviewMatch1.74
ORxnviewxnviewMatch1.80
ORxnviewxnviewMatch1.80.1
ORxnviewxnviewMatch1.80.2
ORxnviewxnviewMatch1.80.3
ORxnviewxnviewMatch1.82
ORxnviewxnviewMatch1.82.2
ORxnviewxnviewMatch1.82.3
ORxnviewxnviewMatch1.82.4
ORxnviewxnviewMatch1.90
ORxnviewxnviewMatch1.90.1
ORxnviewxnviewMatch1.90.3
ORxnviewxnviewMatch1.91
ORxnviewxnviewMatch1.91.1
ORxnviewxnviewMatch1.91.2
ORxnviewxnviewMatch1.91.3
ORxnviewxnviewMatch1.91.4
ORxnviewxnviewMatch1.91.5
ORxnviewxnviewMatch1.91.6
ORxnviewxnviewMatch1.92
ORxnviewxnviewMatch1.92.1
ORxnviewxnviewMatch1.93
ORxnviewxnviewMatch1.93.1
ORxnviewxnviewMatch1.93.2
ORxnviewxnviewMatch1.93.3
ORxnviewxnviewMatch1.93.4
ORxnviewxnviewMatch1.93.6
ORxnviewxnviewMatch1.94
ORxnviewxnviewMatch1.94.1
ORxnviewxnviewMatch1.94.2
ORxnviewxnviewMatch1.95
ORxnviewxnviewMatch1.95.1
ORxnviewxnviewMatch1.95.2
ORxnviewxnviewMatch1.95.3
ORxnviewxnviewMatch1.95.4
ORxnviewxnviewMatch1.96
ORxnviewxnviewMatch1.96.1
ORxnviewxnviewMatch1.96.2
ORxnviewxnviewMatch1.96.5
ORxnviewxnviewMatch1.97
Related
openvas
openvas
XnView DICOM Parsing Integer Overflow Vulnerability - Windows
2010-03-30 00:00:00
XnView DICOM Parsing Integer Overflow Vulnerability (Windows)
2010-03-30 00:00:00
XnView DICOM Parsing Integer Overflow Vulnerability - Linux
2010-03-30 00:00:00
securityvulns
securityvulns
XNView buffer overflow
2010-03-11 00:00:00
Secunia Research: XnView DICOM Parsing Integer Overflow Vulnerability
2010-03-11 00:00:00
prion
prion
Integer overflow
2010-03-15 13:28:00
cvelist
cvelist
CVE-2009-4001
2010-03-12 20:00:00
cve
cve
CVE-2009-4001
2010-03-15 13:28:25
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.8 High
AI Score
Confidence
Low
0.068 Low
EPSS
Percentile
93.9%
Related for NVD:CVE-2009-4001