XnView产品TAAC文件解析栈溢出漏洞

BUGTRAQ ID: 29851 CVECAN ID: CVE-2008-2427 XnView是一款浏览的图片查看器，支持多种图形格式。 XnView在处理Sun TAAC文件的format关键字时存在栈溢出漏洞，如果用户受骗打开了特制的Sun TAAC文件就会触发这个溢出，导致执行任意指令。 0 XnView XnView 1.93.6 for Windows XnView XnView 1.70 for Linux/FreeBSD XnView NConvert 4.92 XnView GFL SDK 2.82 XnView ------...

CVE-2008-2427

Stack-based buffer overflow in NConvert 4.92, GFL SDK 2.82, and XnView 1.93.6 on Windows and 1.70 on Linux and FreeBSD allows user-assisted remote attackers to execute arbitrary code via a crafted format keyword in a Sun TAAC file...

Stack overflow

Stack-based buffer overflow in NConvert 4.92, GFL SDK 2.82, and XnView 1.93.6 on Windows and 1.70 on Linux and FreeBSD allows user-assisted remote attackers to execute arbitrary code via a crafted format keyword in a Sun TAAC file...

CVE-2008-2427

The CVE-2008-2427 issue affects XnView, NConvert, and GFL SDK: a stack-based buffer overflow when parsing the Sun TAAC file’s format keyword, impacting XnView 1.93.6 (Windows) and 1.70 (Linux/FreeBSD), NConvert 4.92, and GFL SDK 2.82. The root cause is a boundary/error in processing the format ke...

CVE-2008-2427

Stack-based buffer overflow in NConvert 4.92, GFL SDK 2.82, and XnView 1.93.6 on Windows and 1.70 on Linux and FreeBSD allows user-assisted remote attackers to execute arbitrary code via a crafted format keyword in a Sun TAAC file...