Vulnonym.org

CVE-2008-2427 - Keratinous Heads

Description

Stack-based buffer overflow in NConvert 4.92 GFL SDK 2.82 and XnView 1.93.6 on Windows and 1.70 on Linux and FreeBSD allows user-assisted remote attackers to execute arbitrary code via a crafted format keyword in a Sun TAAC file.

Reference

http://secunia.com/secunia_research/2008-24/advisory/ http://www.securityfocus.com/bid/29851 http://securitytracker.com/id?1020340 http://secunia.com/advisories/30416 http://secunia.com/advisories/30789 http://securityreason.com/securityalert/3956 http://www.vupen.com/english/advisories/2008/1896 http://www.vupen.com/english/advisories/2008/1897 https://www.exploit-db.com/exploits/5951 http://www.securityfocus.com/archive/1/493505/100/0/threaded