VDB
CVE-2008-0064
CVE-2008-0064
PUBLISHED
CVSS 9.300000190734863 CRITICAL
Stack-based buffer overflow in Pierre-emmanuel Gougelet (1) XnView 1.91 and 1.92, (2) NConvert 4.85, and (3) libgfl280.dll in GFL SDK 2.870 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted Radiance RGBE (.hdr) file.
EPSS 6.94% · 91.6th percentile
Risk Scores
CVSS 2.0
9.300000190734863
EPSS Score
6.94%
91.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| pierreegougelet | gfl_sdk | 2.870 |
| pierreegougelet | nconvert | 0 |
| pierreegougelet | xnview | 0, 0 |
| n/a | n/a | n/a |
Timeline
- Jan 31, 2008 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 1, 2022 CVE Updated
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- http://secunia.com/secunia_research/2008-1/advisory url
- 28710 third-party-advisory
- ADV-2008-0328 vdb
- ADV-2008-0329 vdb
- 28326 third-party-advisory
- 27514 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2008-0064 advisory