PT-2023-28745 · Xnsoft · Xnsoft Nconvert
Michele Toccagni
·
Published
2023-10-19
·
Updated
2023-10-26
·
CVE-2023-43252
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
XNSoft Nconvert version 7.136
Description
The issue is related to a Buffer Overflow that can be triggered via a crafted image file.
Recommendations
For XNSoft Nconvert version 7.136, update to a newer version that contains a fix for this issue. If no updated version is available, consider temporarily restricting the processing of image files from untrusted sources to minimize the risk of exploitation.
Exploit
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Xnsoft Nconvert