CVE-2013-3246

Name of the Vulnerable Software and Affected Versions XnView versions prior to 2.03

Description The issue is related to a stack-based buffer overflow in the xnview.exe module when processing image layers of XCF files. This can be exploited by remote attackers to execute arbitrary code via a specially crafted image layer within an XCF file. A boundary error within the module is the root cause of this issue.

Recommendations For versions prior to 2.03, update to version 2.03 or later to resolve the issue. As a temporary workaround, consider avoiding the use of XCF files or restricting access to the xnview.exe module until the update is applied.