Stack-based buffer overflow in Pierre-emmanuel Gougelet (1) XnView 1.91 and 1.92, (2) NConvert 4.85, and (3) libgfl280.dll in GFL SDK 2.870 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted Radiance RGBE (.hdr) file.
References
Link | Resource |
---|---|
http://secunia.com/advisories/28326 | Patch Vendor Advisory |
http://secunia.com/advisories/28710 | Vendor Advisory |
http://secunia.com/secunia_research/2008-1/advisory | Vendor Advisory |
http://www.securityfocus.com/bid/27514 | |
http://www.vupen.com/english/advisories/2008/0328 | |
http://www.vupen.com/english/advisories/2008/0329 | |
http://secunia.com/advisories/28326 | Patch Vendor Advisory |
http://secunia.com/advisories/28710 | Vendor Advisory |
http://secunia.com/secunia_research/2008-1/advisory | Vendor Advisory |
http://www.securityfocus.com/bid/27514 | |
http://www.vupen.com/english/advisories/2008/0328 | |
http://www.vupen.com/english/advisories/2008/0329 |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:41
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/28326 - Patch, Vendor Advisory | |
References | () http://secunia.com/advisories/28710 - Vendor Advisory | |
References | () http://secunia.com/secunia_research/2008-1/advisory - Vendor Advisory | |
References | () http://www.securityfocus.com/bid/27514 - | |
References | () http://www.vupen.com/english/advisories/2008/0328 - | |
References | () http://www.vupen.com/english/advisories/2008/0329 - |
Information
Published : 2008-01-31 20:00
Updated : 2024-11-21 00:41
NVD link : CVE-2008-0064
Mitre link : CVE-2008-0064
CVE.ORG link : CVE-2008-0064
JSON object : View
Products Affected
pierreegougelet
- xnview
- nconvert
- gfl_sdk
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer