PT-2023-28745 · Xnsoft · Xnsoft Nconvert
Michele Toccagni
·
Publicado
2023-10-19
·
Atualizado
2023-10-26
·
CVE-2023-43252
CVSS v3.1
7.8
Alta
| Vetor | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
XNSoft Nconvert version 7.136
Description
The issue is related to a Buffer Overflow that can be triggered via a crafted image file.
Recommendations
For XNSoft Nconvert version 7.136, update to a newer version that contains a fix for this issue. If no updated version is available, consider temporarily restricting the processing of image files from untrusted sources to minimize the risk of exploitation.
Exploit
Correção
Memory Corruption
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Xnsoft Nconvert