Lucene search

[email protected]NVD:CVE-2023-43252

HistoryOct 19, 2023 - 1:15 p.m.

CVE-2023-43252

2023-10-1913:15:10

CWE-787

[email protected]

web.nvd.nist.gov

xnsoft

nconvert

buffer overflow

vulnerability

image file

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

25.6%

JSON

XNSoft Nconvert 7.136 is vulnerable to Buffer Overflow via a crafted image file.

Affected configurations

NVD

Node

xnviewnconvertMatch7.136

References

packetstormsecurity.com/files/175145/XNSoft-Nconvert-7.136-Buffer-Overflow-Denial-Of-Service.html

seclists.org/fulldisclosure/2023/Oct/15

github.com/mrtouch93/exploits/tree/main/NConvert7.136/Stack%20Buffer%20Overrun

www.xnview.com/en/nconvert/

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

25.6%

JSON

Related for NVD:CVE-2023-43252

cve1 cvelist1 prion1