Code injection

2023-10-1915:15:00

PRIOn knowledge base

www.prio-n.com

code injection

xnsoft nconvert 7.136

exception handler

denial of service

code execution

crafted image file

7.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.4%

JSON

XNSoft Nconvert 7.136 has an Exception Handler Chain Corrupted via a crafted image file. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.

CPENameOperatorVersion
nconverteq7.136

CPE	Name	Operator	Version
	nconvert	eq	7.136

References

packetstormsecurity.com/files/175145/XNSoft-Nconvert-7.136-Buffer-Overflow-Denial-Of-Service.html

seclists.org/fulldisclosure/2023/Oct/15

github.com/mrtouch93/exploits/tree/main/NConvert7.136/SEH

www.xnview.com/en/nconvert/