Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1461

Overview

Vulnerability Score 7.6 7.6
CVE Id CVE-2008-1461
Last Modified 05 Sep 2008 12:00:00
Published 24 Mar 2008 02:44:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2008-1461

Summary

Buffer overflow in XnView 1.92.1 allows user-assisted remote attackers to execute arbitrary code via a long filename argument on the command line. NOTE: it is unclear whether there are common handler configurations in which this argument is controlled by an attacker.

Vulnerable Systems

Application

  • Xnview 1.92.1


References

XF - xnview-filename-bo(41245)

BID - 28259

BUGTRAQ - 20080315 XNview 1.92.1 Long Filename Overflow

MISC - http://www.click-internet.fr/index.php?cki=News&news=9

SREASON - 3761


Last Updated: 27 May 2016 10:47:08