Vulnerability Details CVE-2023-43250
XNSoft Nconvert 7.136 is vulnerable to Buffer Overflow. There is a User Mode Write AV via a crafted image file. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.9%
CVSS Severity
CVSS v3 Score 7.8
References
- http://packetstormsecurity.com/files/175145/XNSoft-Nconvert-7.136-Buffer-Overflow-Denial-Of-Service.html
- http://seclists.org/fulldisclosure/2023/Oct/15
- https://github.com/mrtouch93/exploits/tree/main/NConvert7.136/User%20Mode%20Write%20AV
- https://www.xnview.com/en/nconvert/
- http://packetstormsecurity.com/files/175145/XNSoft-Nconvert-7.136-Buffer-Overflow-Denial-Of-Service.html
- http://seclists.org/fulldisclosure/2023/Oct/15
- https://github.com/mrtouch93/exploits/tree/main/NConvert7.136/User%20Mode%20Write%20AV
- https://www.xnview.com/en/nconvert/