Lucene search
Gentoo Security Advisory GLSA 200707-06 (xnview)
🗓️ 24 Sep 2008 00:00:00Reported by Copyright (C) 2008 E-Soft Inc.Type 
openvas🔗 plugins.openvas.org👁 10 Views
Gentoo Security Advisory GLSA 200707-06 (xnview) describes a stack-based buffer overflow vulnerability in XnView when handling XPM image files
Show more
| Reporter | Title | Published | Views | Family All 9 |
|---|---|---|---|---|
 | GLSA-200707-06 : XnView: Stack-based buffer overflow | 18 Jul 200700:00 | – | nessus |
 | CVE-2007-2194 | 24 Apr 200717:19 | – | nvd |
 | CVE-2007-2194 | 24 Apr 200717:00 | – | cvelist |
 | Stack overflow | 24 Apr 200717:19 | – | prion |
 | [ GLSA 200707-06 ] XnView: Stack-based buffer overflow | 12 Jul 200700:00 | – | securityvulns |
| XnView buffer overflow | 12 Jul 200700:00 | – | securityvulns |
 | XnView: Stack-based buffer overflow | 11 Jul 200700:00 | – | gentoo |
| Gentoo Security Advisory GLSA 200707-06 (xnview) | 24 Sep 200800:00 | – | openvas |
 | CVE-2007-2194 | 24 Apr 200717:19 | – | cve |
| Source | Link |
|---|---|
| bugs | www.bugs.gentoo.org/show_bug.cgi |
| securityspace | www.securityspace.com/smysecure/catid.html |
# SPDX-FileCopyrightText: 2008 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.58459");
script_version("2023-07-19T05:05:15+0000");
script_tag(name:"last_modification", value:"2023-07-19 05:05:15 +0000 (Wed, 19 Jul 2023)");
script_tag(name:"creation_date", value:"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)");
script_cve_id("CVE-2007-2194");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_name("Gentoo Security Advisory GLSA 200707-06 (xnview)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2008 E-Soft Inc.");
script_family("Gentoo Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/gentoo", "ssh/login/pkg");
script_tag(name:"insight", value:"XnView is vulnerable to a stack-based buffer overflow and possible remote
code execution when handling XPM image files.");
script_tag(name:"solution", value:"No update appears to be forthcoming from the XnView developer and XnView is
proprietary, so the XnView package has been masked in Portage. We recommend
that users select an alternate graphics viewer and conversion utility, and
unmerge XnView:
# emerge --unmerge xnview");
script_xref(name:"URL", value:"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200707-06");
script_xref(name:"URL", value:"http://bugs.gentoo.org/show_bug.cgi?id=175670");
script_tag(name:"summary", value:"The remote host is missing updates announced in
advisory GLSA 200707-06.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-gentoo.inc");
include("revisions-lib.inc");
res = "";
report = "";
report = "";
if ((res = ispkgvuln(pkg:"x11-misc/xnview", unaffected: make_list(), vulnerable: make_list("lt 1.70"))) != NULL) {
report += res;
}
if (report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99);
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo24 Sep 2008 00:00Current
7.1High risk
Vulners AI Score7.1
CVSS210
EPSS0.27662