Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-3938

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2013-3938
Last Modified 19 Mar 2014 09:59:18
Published 18 Mar 2014 01:02:52
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2013-3938

Summary

Integer overflow in xnview.exe in XnView 2.13 allows remote attackers to execute arbitrary code via a large NUM_ELEMENTS field in an IFD_ENTRY structure in a JXR file, which triggers a heap-based buffer overflow.

Vulnerable Systems

Application

  • Xnview 2.13


References

BID - 66187

SECUNIA - 56172


Last Updated: 27 May 2016 11:04:42