This script is Copyright (C) 2013 Tenable Network Security, Inc.
The remote Windows host contains an application that is affected by
multiple buffer overflow vulnerabilities.
The version of XnView installed on the remote Windows host is 2.x,
earlier than 2.03. It is, therefore, reportedly affected by the
following buffer overflow vulnerabilities:
- A stack-based buffer overflow exists in the 'XCF' image
handling layer. (CVE-2013-3246)
- A heap-based buffer overflow exists when handling
decompression of RLE layers in a specially crafted 'XCF'
See also :
Upgrade to XnView version 2.03 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.3
Public Exploit Available : true