BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to the Zeroday Tracker: Your Vulnerability Watchlist

Get critical updates on the latest zeroday threats, including impact, mitigation and protection information - only from BeyondTrust.

XnView JLS Heap Overflow

Disclosed October 4, 2012    Fully Patched

Vulnerability Description:

XnView is vulnerable to a heap-based buffer overflow that occurs when parsing JPEG images. Attackers can leverage this vulnerability to execute arbitrary code in the context of XnView.

Vendors:

XnSoft

Vulnerable Software/Devices:

XnView 1.99.1

Vulnerability Severity:

High

Exploit Availability:

N/A

Exploit Impact:

Remote Code Execution
Remote Code Execution Attackers that exploit this vulnerability would be able to execute arbitrary on the target system. If XnView is running with elevated privileges, then an attacker would potentially be able to take full control of the computer.

BeyondTrust Prevention and Detection:

BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.

  • 17215 - XnView JLS Heap Overflow

Mitigation:

No mitigation currently exists.

Links:

CVE(s):

None

Leave a Reply