Signature Detail
Short Name |
HTTP:STC:DL:XNVIEW-PCT-FILE-BOF |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
XnView PCT File Processing Buffer Overflow |
Release Date |
2013/10/30 |
Update Number |
2315 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: XnView PCT File Processing Buffer Overflow
This signature detects attempts to exploit a known vulnerability in XnView PCT File. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the process's user.
Extended Description
Buffer overflow in XnView before 2.04 allows remote attackers to execute arbitrary code via a crafted PCT file.
Affected Products
- xnview 1.01
- xnview 1.02
- xnview 1.03
- xnview 1.04
- xnview 1.05 (b)
- xnview 1.05 (c)
- xnview 1.06
- xnview 1.07
- xnview 1.08
- xnview 1.09
- xnview 1.0 (a)
- xnview 1.10
- xnview 1.11
- xnview 1.12
- xnview 1.13
- xnview 1.14
- xnview 1.15
- xnview 1.16
- xnview 1.17 (a)
- xnview 1.18
- xnview 1.18.1
- xnview 1.19
- xnview 1.20
- xnview 1.21
- xnview 1.22
- xnview 1.23
- xnview 1.24
- xnview 1.25 (a)
- xnview 1.30
- xnview 1.31
- xnview 1.32
- xnview 1.33
- xnview 1.34
- xnview 1.35
- xnview 1.36
- xnview 1.37
- xnview 1.40
- xnview 1.41
- xnview 1.45
- xnview 1.46
- xnview 1.50
- xnview 1.50.1
- xnview 1.55
- xnview 1.60
- xnview 1.61
- xnview 1.65
- xnview 1.66
- xnview 1.67
- xnview 1.68
- xnview 1.68.1
- xnview 1.70
- xnview 1.70.2
- xnview 1.70.3
- xnview 1.70.4
- xnview 1.74
- xnview 1.80
- xnview 1.80.1
- xnview 1.80.2
- xnview 1.80.3
- xnview 1.82
- xnview 1.82.2
- xnview 1.82.3
- xnview 1.82.4
- xnview 1.90
- xnview 1.90.1
- xnview 1.90.3
- xnview 1.91
- xnview 1.91.1
- xnview 1.91.2
- xnview 1.91.3
- xnview 1.91.4
- xnview 1.91.5
- xnview 1.91.6
- xnview 1.92
- xnview 1.92.1
- xnview 1.93
- xnview 1.93.1
- xnview 1.93.2
- xnview 1.93.3
- xnview 1.93.4
- xnview 1.93.6
- xnview 1.94
- xnview 1.94.1
- xnview 1.94.2
- xnview 1.95
- xnview 1.95.1
- xnview 1.95.2
- xnview 1.95.3
- xnview 1.95.4
- xnview 1.96
- xnview 1.96.1
- xnview 1.96.2
- xnview 1.96.5
- xnview 1.97
- xnview 1.97.1
- xnview 1.97.2
- xnview 1.97.3
- xnview 1.97.4
- xnview 1.97.5
- xnview 1.97.6
- xnview 1.97.7
- xnview 1.97.8
- xnview 1.98
- xnview 1.98.1
- xnview 1.98.2
- xnview 1.98.3
- xnview 1.98.4
- xnview 1.98.5
- xnview 1.98.6
- xnview 1.98.7
- xnview 1.98.8
- xnview 1.99
- xnview 1.99.1
- xnview up to 2.03
References
- CVE: CVE-2013-2577