CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-3939

xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB files, which allows remote attackers to execute arbitrary code via the RLE strip size field in a RGB file, which leads to an unexpected sign extension error and a heap-based buffer overflow.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 75.9%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 6.8

References

Products affected by CVE-2013-3939

Xnview » Xnview » Version: 1.0

cpe:2.3:a:xnview:xnview:1.0
Xnview » Xnview » Version: 1.01

cpe:2.3:a:xnview:xnview:1.01
Xnview » Xnview » Version: 1.02

cpe:2.3:a:xnview:xnview:1.02
Xnview » Xnview » Version: 1.03

cpe:2.3:a:xnview:xnview:1.03
Xnview » Xnview » Version: 1.04

cpe:2.3:a:xnview:xnview:1.04
Xnview » Xnview » Version: 1.05

cpe:2.3:a:xnview:xnview:1.05
Xnview » Xnview » Version: 1.06

cpe:2.3:a:xnview:xnview:1.06
Xnview » Xnview » Version: 1.07

cpe:2.3:a:xnview:xnview:1.07
Xnview » Xnview » Version: 1.08

cpe:2.3:a:xnview:xnview:1.08
Xnview » Xnview » Version: 1.09

cpe:2.3:a:xnview:xnview:1.09
Xnview » Xnview » Version: 1.10

cpe:2.3:a:xnview:xnview:1.10
Xnview » Xnview » Version: 1.11

cpe:2.3:a:xnview:xnview:1.11
Xnview » Xnview » Version: 1.12

cpe:2.3:a:xnview:xnview:1.12
Xnview » Xnview » Version: 1.13

cpe:2.3:a:xnview:xnview:1.13
Xnview » Xnview » Version: 1.14

cpe:2.3:a:xnview:xnview:1.14
Xnview » Xnview » Version: 1.15

cpe:2.3:a:xnview:xnview:1.15
Xnview » Xnview » Version: 1.16

cpe:2.3:a:xnview:xnview:1.16
Xnview » Xnview » Version: 1.17

cpe:2.3:a:xnview:xnview:1.17
Xnview » Xnview » Version: 1.18

cpe:2.3:a:xnview:xnview:1.18
Xnview » Xnview » Version: 1.18.1

cpe:2.3:a:xnview:xnview:1.18.1
Xnview » Xnview » Version: 1.19

cpe:2.3:a:xnview:xnview:1.19
Xnview » Xnview » Version: 1.20

cpe:2.3:a:xnview:xnview:1.20
Xnview » Xnview » Version: 1.21

cpe:2.3:a:xnview:xnview:1.21
Xnview » Xnview » Version: 1.22

cpe:2.3:a:xnview:xnview:1.22
Xnview » Xnview » Version: 1.23

cpe:2.3:a:xnview:xnview:1.23
Xnview » Xnview » Version: 1.24

cpe:2.3:a:xnview:xnview:1.24
Xnview » Xnview » Version: 1.25

cpe:2.3:a:xnview:xnview:1.25
Xnview » Xnview » Version: 1.30

cpe:2.3:a:xnview:xnview:1.30
Xnview » Xnview » Version: 1.31

cpe:2.3:a:xnview:xnview:1.31
Xnview » Xnview » Version: 1.32

cpe:2.3:a:xnview:xnview:1.32
Xnview » Xnview » Version: 1.33

cpe:2.3:a:xnview:xnview:1.33
Xnview » Xnview » Version: 1.34

cpe:2.3:a:xnview:xnview:1.34
Xnview » Xnview » Version: 1.35

cpe:2.3:a:xnview:xnview:1.35
Xnview » Xnview » Version: 1.36

cpe:2.3:a:xnview:xnview:1.36
Xnview » Xnview » Version: 1.37

cpe:2.3:a:xnview:xnview:1.37
Xnview » Xnview » Version: 1.40

cpe:2.3:a:xnview:xnview:1.40
Xnview » Xnview » Version: 1.41

cpe:2.3:a:xnview:xnview:1.41
Xnview » Xnview » Version: 1.45

cpe:2.3:a:xnview:xnview:1.45
Xnview » Xnview » Version: 1.46

cpe:2.3:a:xnview:xnview:1.46
Xnview » Xnview » Version: 1.50

cpe:2.3:a:xnview:xnview:1.50
Xnview » Xnview » Version: 1.50.1

cpe:2.3:a:xnview:xnview:1.50.1
Xnview » Xnview » Version: 1.55

cpe:2.3:a:xnview:xnview:1.55
Xnview » Xnview » Version: 1.60

cpe:2.3:a:xnview:xnview:1.60
Xnview » Xnview » Version: 1.61

cpe:2.3:a:xnview:xnview:1.61
Xnview » Xnview » Version: 1.65

cpe:2.3:a:xnview:xnview:1.65
Xnview » Xnview » Version: 1.66

cpe:2.3:a:xnview:xnview:1.66
Xnview » Xnview » Version: 1.67

cpe:2.3:a:xnview:xnview:1.67
Xnview » Xnview » Version: 1.68

cpe:2.3:a:xnview:xnview:1.68
Xnview » Xnview » Version: 1.68.1

cpe:2.3:a:xnview:xnview:1.68.1
Xnview » Xnview » Version: 1.70

cpe:2.3:a:xnview:xnview:1.70
Xnview » Xnview » Version: 1.70.2

cpe:2.3:a:xnview:xnview:1.70.2
Xnview » Xnview » Version: 1.70.3

cpe:2.3:a:xnview:xnview:1.70.3
Xnview » Xnview » Version: 1.70.4

cpe:2.3:a:xnview:xnview:1.70.4
Xnview » Xnview » Version: 1.74

cpe:2.3:a:xnview:xnview:1.74
Xnview » Xnview » Version: 1.80

cpe:2.3:a:xnview:xnview:1.80
Xnview » Xnview » Version: 1.80.1

cpe:2.3:a:xnview:xnview:1.80.1
Xnview » Xnview » Version: 1.80.2

cpe:2.3:a:xnview:xnview:1.80.2
Xnview » Xnview » Version: 1.80.3

cpe:2.3:a:xnview:xnview:1.80.3
Xnview » Xnview » Version: 1.82

cpe:2.3:a:xnview:xnview:1.82
Xnview » Xnview » Version: 1.82.2

cpe:2.3:a:xnview:xnview:1.82.2
Xnview » Xnview » Version: 1.82.3

cpe:2.3:a:xnview:xnview:1.82.3
Xnview » Xnview » Version: 1.82.4

cpe:2.3:a:xnview:xnview:1.82.4
Xnview » Xnview » Version: 1.90

cpe:2.3:a:xnview:xnview:1.90
Xnview » Xnview » Version: 1.90.1

cpe:2.3:a:xnview:xnview:1.90.1
Xnview » Xnview » Version: 1.90.3

cpe:2.3:a:xnview:xnview:1.90.3
Xnview » Xnview » Version: 1.91

cpe:2.3:a:xnview:xnview:1.91
Xnview » Xnview » Version: 1.91.1

cpe:2.3:a:xnview:xnview:1.91.1
Xnview » Xnview » Version: 1.91.2

cpe:2.3:a:xnview:xnview:1.91.2
Xnview » Xnview » Version: 1.91.3

cpe:2.3:a:xnview:xnview:1.91.3
Xnview » Xnview » Version: 1.91.4

cpe:2.3:a:xnview:xnview:1.91.4
Xnview » Xnview » Version: 1.91.5

cpe:2.3:a:xnview:xnview:1.91.5
Xnview » Xnview » Version: 1.91.6

cpe:2.3:a:xnview:xnview:1.91.6
Xnview » Xnview » Version: 1.92

cpe:2.3:a:xnview:xnview:1.92
Xnview » Xnview » Version: 1.92.1

cpe:2.3:a:xnview:xnview:1.92.1
Xnview » Xnview » Version: 1.93

cpe:2.3:a:xnview:xnview:1.93
Xnview » Xnview » Version: 1.93.1

cpe:2.3:a:xnview:xnview:1.93.1
Xnview » Xnview » Version: 1.93.2

cpe:2.3:a:xnview:xnview:1.93.2
Xnview » Xnview » Version: 1.93.3

cpe:2.3:a:xnview:xnview:1.93.3
Xnview » Xnview » Version: 1.93.4

cpe:2.3:a:xnview:xnview:1.93.4
Xnview » Xnview » Version: 1.93.6

cpe:2.3:a:xnview:xnview:1.93.6
Xnview » Xnview » Version: 1.94

cpe:2.3:a:xnview:xnview:1.94
Xnview » Xnview » Version: 1.94.1

cpe:2.3:a:xnview:xnview:1.94.1
Xnview » Xnview » Version: 1.94.2

cpe:2.3:a:xnview:xnview:1.94.2
Xnview » Xnview » Version: 1.95

cpe:2.3:a:xnview:xnview:1.95
Xnview » Xnview » Version: 1.95.1

cpe:2.3:a:xnview:xnview:1.95.1
Xnview » Xnview » Version: 1.95.2

cpe:2.3:a:xnview:xnview:1.95.2
Xnview » Xnview » Version: 1.95.3

cpe:2.3:a:xnview:xnview:1.95.3
Xnview » Xnview » Version: 1.95.4

cpe:2.3:a:xnview:xnview:1.95.4
Xnview » Xnview » Version: 1.96

cpe:2.3:a:xnview:xnview:1.96
Xnview » Xnview » Version: 1.96.1

cpe:2.3:a:xnview:xnview:1.96.1
Xnview » Xnview » Version: 1.96.2

cpe:2.3:a:xnview:xnview:1.96.2
Xnview » Xnview » Version: 1.96.5

cpe:2.3:a:xnview:xnview:1.96.5
Xnview » Xnview » Version: 1.97

cpe:2.3:a:xnview:xnview:1.97
Xnview » Xnview » Version: 1.97.1

cpe:2.3:a:xnview:xnview:1.97.1
Xnview » Xnview » Version: 1.97.2

cpe:2.3:a:xnview:xnview:1.97.2
Xnview » Xnview » Version: 1.97.3

cpe:2.3:a:xnview:xnview:1.97.3
Xnview » Xnview » Version: 1.97.4

cpe:2.3:a:xnview:xnview:1.97.4
Xnview » Xnview » Version: 1.97.5

cpe:2.3:a:xnview:xnview:1.97.5
Xnview » Xnview » Version: 1.97.6

cpe:2.3:a:xnview:xnview:1.97.6
Xnview » Xnview » Version: 1.97.7

cpe:2.3:a:xnview:xnview:1.97.7
Xnview » Xnview » Version: 1.97.8

cpe:2.3:a:xnview:xnview:1.97.8
Xnview » Xnview » Version: 1.98

cpe:2.3:a:xnview:xnview:1.98
Xnview » Xnview » Version: 1.98.1

cpe:2.3:a:xnview:xnview:1.98.1
Xnview » Xnview » Version: 1.98.2

cpe:2.3:a:xnview:xnview:1.98.2
Xnview » Xnview » Version: 1.98.3

cpe:2.3:a:xnview:xnview:1.98.3
Xnview » Xnview » Version: 1.98.4

cpe:2.3:a:xnview:xnview:1.98.4
Xnview » Xnview » Version: 1.98.5

cpe:2.3:a:xnview:xnview:1.98.5
Xnview » Xnview » Version: 1.98.6

cpe:2.3:a:xnview:xnview:1.98.6
Xnview » Xnview » Version: 1.98.7

cpe:2.3:a:xnview:xnview:1.98.7
Xnview » Xnview » Version: 1.98.8

cpe:2.3:a:xnview:xnview:1.98.8
Xnview » Xnview » Version: 1.99

cpe:2.3:a:xnview:xnview:1.99
Xnview » Xnview » Version: 1.99.1

cpe:2.3:a:xnview:xnview:1.99.1
Xnview » Xnview » Version: 2.00

cpe:2.3:a:xnview:xnview:2.00
Xnview » Xnview » Version: 2.03

cpe:2.3:a:xnview:xnview:2.03
Xnview » Xnview » Version: 2.10

cpe:2.3:a:xnview:xnview:2.10
Xnview » Xnview » Version: 2.11

cpe:2.3:a:xnview:xnview:2.11
Xnview » Xnview » Version: 2.12

cpe:2.3:a:xnview:xnview:2.12

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-3939

Products

Pricing

Contact Us