Vulnerability Description
Buffer overflow in XnView 1.92.1 allows user-assisted remote attackers to execute arbitrary code via a long filename argument on the command line. NOTE: it is unclear whether there are common handler configurations in which this argument is controlled by an attacker.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xnview | Xnview | 1.92.1 |
Related Weaknesses (CWE)
References
- http://securityreason.com/securityalert/3761Exploit
- http://www.click-internet.fr/index.php?cki=News&news=9Exploit
- http://www.securityfocus.com/archive/1/489658/100/0/threaded
- http://www.securityfocus.com/bid/28259Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41245
- http://securityreason.com/securityalert/3761Exploit
- http://www.click-internet.fr/index.php?cki=News&news=9Exploit
- http://www.securityfocus.com/archive/1/489658/100/0/threaded
- http://www.securityfocus.com/bid/28259Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41245
FAQ
What is CVE-2008-1461?
CVE-2008-1461 is a vulnerability with a CVSS score of 7.6 (HIGH). Buffer overflow in XnView 1.92.1 allows user-assisted remote attackers to execute arbitrary code via a long filename argument on the command line. NOTE: it is unclear whether there are common handler...
How severe is CVE-2008-1461?
CVE-2008-1461 has been rated HIGH with a CVSS base score of 7.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-1461?
Check the references section above for vendor advisories and patch information. Affected products include: Xnview Xnview.