VDB
CVE-2008-1461
CVE-2008-1461
PUBLISHED
CVSS 7.599999904632568 HIGH
Buffer overflow in XnView 1.92.1 allows user-assisted remote attackers to execute arbitrary code via a long filename argument on the command line. NOTE: it is unclear whether there are common handler configurations in which this argument is controlled by an attacker.
EPSS 4.90% · 89.8th percentile
Risk Scores
CVSS 2.0
7.599999904632568
EPSS Score
4.90%
89.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| xnview | xnview | 1.92.1 |
| n/a | n/a | n/a |
Timeline
- Mar 24, 2008 CVE Published
- Feb 5, 2014 PoC Published
- Feb 5, 2014 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- http://www.click-internet.fr/index.php?cki=News&news=9 url
- 28259 vdb
- 20080315 XNview 1.92.1 Long Filename Overflow mailing-list
- 3761 third-party-advisory
- xnview-filename-bo(41245) vdb
- https://nvd.nist.gov/vuln/detail/CVE-2008-1461 advisory