XnView产品TAAC文件解析栈溢出漏洞

Posted by ArtHack on Jun 25th, 2008 and filed under Notice loopholes. You can follow any responses to this entry through the RSS 2.0. You can also subscribe to us, through the Top of the E-mail - 加入超级QQ群:32843311

受影响系统:
XnView XnView 1.93.6 for Windows
XnView XnView 1.70 for Linux/FreeBSD
XnView NConvert 4.92
XnView GFL SDK 2.82
不受影响系统:
XnView XnView 1.94 beta1
描述:
——————————————————————————–
BUGTRAQ  ID: 29851
CVE(CAN) ID: CVE-2008-2427
XnView是一款浏览的图片查看器,支持多种图形格式。
XnView在处理Sun TAAC文件的format关键字时存在栈溢出漏洞,如果用户受骗打开了特制的Sun TAAC文件就会触发这个溢出,导致执行任意指令。
<*来源:Stefan Cornelius

链接:http://secunia.com/secunia_research/2008-24/advisory/
*>
建议:
——————————————————————————–
厂商补丁:
XnView
——
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://www.xnview.com/

Classic Posts

Related Posts

Our Sponsors

Leave a Reply

Our Sponsors

Recent Posts

Recent Comments

Tag Cloud

Premium Wordpress Themes

Solostream
wp remix
StudioPress
WPNOW Themes
Gabfire Themes
Translator
Chinese (Simplified) flagChinese (Traditional) flagItalian flagKorean flagPortuguese flagEnglish flagGerman flagFrench flagSpanish flagJapanese flagArabic flagRussian flagGreek flagDutch flagBulgarian flagCzech flagCroat flagDanish flagFinnish flagHindi flagPolish flagRumanian flagSwedish flagNorwegian flagCatalan flagFilipino flagHebrew flagIndonesian flagLatvian flagLithuanian flagSerbian flagSlovak flagSlovenian flagUkrainian flagVietnamese flagAlbanian flagEstonian flagGalician flagMaltese flagThai flagTurkish flagHungarian flag
Log in / Art Hack.All rights reserved.