XnView 2.x < 2.04 Multiple Buffer Overflow Vulnerabilities
High Nessus Plugin ID 69137
SynopsisThe remote Windows host contains an application that is affected by multiple buffer overflow vulnerabilities.
DescriptionThe version of XnView installed on the remote Windows host is 2.x, earlier than 2.04. It is, therefore, reportedly affected by the following overflow vulnerabilities:
- An unspecified error exists that could allow a buffer overflow during 'PCT' file handling. (CVE-2013-2577)
- Unspecified errors exist that could allow heap-based buffer overflows during 'FPX' and 'PSP' file handling.
SolutionUpgrade to XnView version 2.04 or later.