This script is Copyright (C) 2012 Tenable Network Security, Inc.
Synopsis :
The remote Windows host contains an application with multiple
buffer overflow vulnerabilities.
Description :
The version of XnView installed on the remote Windows host is earlier
than 1.99.0. It is therefore reportedly affected by the following
heap-based buffer overflow vulnerabilities :
- An integer truncation issue exists related to the
handling of the depth value in 'Sun Raster' (RAS)
image files.
- A boundary violation issue exists in 'NCSEcw.dll'
related to the decompression of 'Enhanced Compressed
Wavelet' (ECW) image files.
- A boundary violation issue exists in 'Xfpx.dll'
related to the handling of 'FlashPix' (FPX) image
files.
- Errors exist related to decompressing 'TIFF' images
that use 'SGI32LogLum' compression.
- An error exists related to the handling of 'PCT' image
decompression.
- An error exists related to the handling of 'GIF' images
that have certain values for 'ImageLeftPosition'.
See also :
http://www.nessus.org/u?1e023a49
http://www.nessus.org/u?db1ff78b
http://www.nessus.org/u?8499541f
http://www.nessus.org/u?9470d60a
http://www.nessus.org/u?01938237
http://www.nessus.org/u?b6b263c8
http://www.nessus.org/u?72eb16db
http://www.nessus.org/u?53b742d2
Solution :
Upgrade to XnView version 1.99.0 or later, as that reportedly resolves
these issues.
Risk factor :
High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.3
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true
Family: Windows
Nessus Plugin ID: 59606