Lucene search
HistoryJul 09, 2014 - 2:55 p.m.
CVE-2012-4988
cve
2012
4988
buffer overflow
xjpegls.dll
jls
jpeg-ls
xnview
remote code execution
nvd
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8 High
AI Score
Confidence
Low
0.144 Low
EPSS
Percentile
95.8%
Heap-based buffer overflow in the xjpegls.dll (aka JLS, JPEG-LS, or JPEG lossless) format plugin in XnView 1.99 and 1.99.1 allows remote attackers to execute arbitrary code via a crafted JLS image file.
Affected configurations
Node
xnviewxnviewMatch1.99
ORxnviewxnviewMatch1.99.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| xnview:xnview | xnview | eq | 1.99 |
| xnview:xnview | xnview | eq | 1.99.1 |
Related
securityvulns
securityvulns
XnView buffer overflow
2012-10-05 00:00:00
XnView JLS File Decompression Heap Overflow
2012-10-05 00:00:00
nvd
nvd
CVE-2012-4988
2014-07-09 14:55:03
cvelist
cvelist
CVE-2012-4988
2014-07-09 14:00:00
exploitpack
exploitpack
XnView 1.99.1 - .JLS File Decompression Heap Overflow
2012-10-04 00:00:00
openvas
openvas
XnView JPEG-LS Image Processing Buffer Overflow Vulnerability
2014-08-26 00:00:00
seebug
seebug
XnView 1.99.1 JLS File Decompression Heap Overflow
2014-07-01 00:00:00
prion
prion
Heap overflow
2014-07-09 14:55:00
exploitdb
exploitdb
XnView 1.99.1 - '.JLS' File Decompression Heap Overflow
2012-10-04 00:00:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8 High
AI Score
Confidence
Low
0.144 Low
EPSS
Percentile
95.8%
Related for CVE-2012-4988