CVE Vulnerabilities

CVE-2013-3938

Published: Mar 18, 2014 | Modified: Mar 19, 2014
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Integer overflow in xnview.exe in XnView 2.13 allows remote attackers to execute arbitrary code via a large NUM_ELEMENTS field in an IFD_ENTRY structure in a JXR file, which triggers a heap-based buffer overflow.

Affected Software

Name Vendor Start Version End Version
Xnview Xnview 2.13 2.13

References