CVE-2012-0276

XnView <1.99 - Buffer Overflow

Title source: llm

Description

Multiple heap-based buffer overflows in XnView before 1.99 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a (1) SGI32LogLum compressed TIFF image or (2) SGI32LogLum compressed TIFF image with the PhotometricInterpretation encoding set to LogL.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Francis Provencher · textdoswindows

https://www.exploit-db.com/exploits/19338

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by Francis Provencher · textdoswindows

https://www.exploit-db.com/exploits/19337

View Code ZIP pw:eip

References (6)

[Various Sources] http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=48

[Various Sources] http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=49

[Various Sources] http://newsgroup.xnview.com/viewtopic.php?f=35&t=25858

[Vendor Advisory] http://secunia.com/advisories/48666

[Exploit] http://www.exploit-db.com/exploits/19337

[Exploit] http://www.exploit-db.com/exploits/19338

Scores

EPSS 0.1493

EPSS Percentile 94.4%

Classification

CWE

CWE-119

Status draft

Affected Products (1)

xnview/xnview < 1.98.8

Timeline

Published Jul 17, 2012

Tracked Since Feb 18, 2026