Code smuggling through XnView slide shows
Security service provider Secunia reports that manipulated slide shows can cause the XnView image viewer/converter to malfunction. Attackers can exploit the bug using specially crafted files to inject malicious code via websites or e-mails.
The vulnerability is due to a boundary error in the FontName parameter of slide show files (.sld). If the name is too long, a stack-based buffer overflow can occur. The error affects XnView 1.92, 1.92.1 and possibly older versions. Version 1.93.4, which no longer contains the flaw, is now available for download on the homepage. Usersof this software should update to this version immediately.
See also:
- XnView Slideshow "FontName" Buffer Overflow Vulnerability, Secunia security advisory
- Download the current XnView version
(mba)