PT-2023-12127 · Xnview · Xnview

Published

2023-08-11

Updated

2023-08-17

CVE-2021-28427

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions XNView version 2.49.3

Description The issue allows local attackers to execute arbitrary code via a crafted TIFF file. This is a Buffer Overflow vulnerability.

Recommendations For XNView version 2.49.3, update to a version that fixes this issue. As a temporary workaround, consider avoiding the use of crafted TIFF files to minimize the risk of exploitation.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2021-28427

Affected Products

Xnview

PT-2023-12127 · Xnview · Xnview

CVE-2021-28427

Weakness Enumeration

Related Identifiers

Affected Products

References · 7