XnView vulnerable to a buffer overflow attack
Security service provider Secunia has on Wednesday reported that a buffer overflow can occur in the popular XnView image viewer and converter when handling manipulated high dynamic range images in the Radiance RGBE (
.hdr) format. When opened, specially crafted
.hdr files can inject and execute a trojan via this bug. An update for the Windows version is available, but versions for other operating systems have yet to be patched.
The vulnerability is due to a flawed length check in versions 1.91 and 1.92 of XnView. The developer believes that previous versions also contain the flawed code. Versions for Windows, Mac OS X, Linux, BSD, Irix, Solaris, HP-UX and AIX are all probably affected. The vulnerability is also present in NConvert 4.85 and the GFL SDK 2.870 software development kit.
The developer has made the current versions 1.9 2.1 of XnView and 4.86 of NConvert for Windows available for downloading. There is no update yet for GFL-SDK or for Mac and UNIX versions. Users are advised to install the fixed version as soon as possible. Users of platforms for which no update is yet available should not open any
.hdr files from unknown or suspect sources with the software.
- XnView, NConvert, and GFL SDK Radiance RGBE Buffer Overflow, Secunia's security advisory
- Current version of XnView and NConvert