Forum Thread: XnView Image Processing Buffer Overflow Vulnerabilities

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Vulnerabilities

See the original Secunia advisory:
XnView Image Processing Buffer Overflow Vulnerabilities

Secunia XnView Image Processing Buffer Overflow Vulnerabilities
Secunia Official 11th Apr, 2013 09:07
Ranking: 0
Posts: 0
User Since: -
System Score: -
Location: Copenhagen, DK
Multiple vulnerabilities have been discovered in XnView, which can be exploited by malicious people to compromise a user's system.

1) An error in the JPEG2000 plug-in (Xjp2.dll) when processing the Quantization Default (QCD) marker segment can be exploited to cause a heap-based buffer overflow via a specially crafted JPEG2000 (JP2) file.

This may be related to vulnerability #3:
SA47175

2) An error when processing RGBQUAD structures from a ICO file can be exploited to cause a heap-based buffer overflow via specially crafted height, width, and bits per pixel values.

3) An error when loading image data from a PCX file can be exploited to cause a heap-based buffer overflow via specially crafted bits per pixel and image dimension values.

Successful exploitation of the vulnerabilities may allow execution of arbitrary code, but requires tricking a user into opening a malicious file.

The vulnerabilities are confirmed in version 1.98.5 and 1.99. Other versions may also be affected.

xyzzy RE: XnView Image Processing Buffer Overflow Vulnerabilities
Member 11th Apr, 2013 09:07
Score:
Posts: 41
User Since: 7th Mar 2008
System Score: N/A
Location: DE
Last edited on 11th Apr, 2013 09:07
In the XnView 2.00 release notes posted on 2013-04-09 in <http://newsgroup.xnview.com/viewtopic.php?f=35&t=2...> the author mentioned "Secunia SA47352" under "Fixed".
Was this reply relevant?
+0
-0
This user no longer exists RE: XnView Image Processing Buffer Overflow Vulnerabilities
Secunia Official 15th Apr, 2013 11:02
Thank you very much. Our version rule for XnView 1.x has been updated.