Nixpkgs Security Tracker

Untriaged

Permalink CVE-2013-3246

created 1 month ago

Stack-based buffer overflow in xnview.exe in XnView before 2.03 allows …

Stack-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute arbitrary code via a crafted image layer in an XCF file.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/84643 x_refsource_MISC
http://www.fuzzmyapp.com/advisories/FMA-2013-003/FMA-2013-003-EN.xml x_refsource_MISC
http://www.fuzzmyapp.com/advisories/FMA-2013-003/FMA-2013-003-EN.xml x_transferred x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/84643 x_transferred x_refsource_MISC
http://www.fuzzmyapp.com/advisories/FMA-2013-003/FMA-2013-003-EN.xml x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/84643 x_refsource_MISC
http://www.fuzzmyapp.com/advisories/FMA-2013-003/FMA-2013-003-EN.xml x_transferred x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/84643 x_transferred x_refsource_MISC

Affected products

XnView

==before 2.03

Matching in nixpkgs

pkgs.xnviewmp

Efficient multimedia viewer, browser and converter

nixos-unstable 1.9.8
- nixpkgs-unstable 1.9.8
- nixos-unstable-small 1.9.8
nixos-25.11 1.9.5
- nixos-25.11-small 1.9.5
- nixpkgs-25.11-darwin 1.9.5

Package maintainers

@oddlama oddlama <oddlama@oddlama.org>

Untriaged

Permalink CVE-2013-3493

created 1 month ago

XnView 2.03 has an integer overflow vulnerability

References

http://www.securityfocus.com/bid/61505 x_refsource_MISC
http://www.securityfocus.com/bid/61505 x_transferred x_refsource_MISC
http://www.securityfocus.com/bid/61505 x_refsource_MISC
http://www.securityfocus.com/bid/61505 x_transferred x_refsource_MISC

Affected products

XnView

==2.03

Matching in nixpkgs

pkgs.xnviewmp

Efficient multimedia viewer, browser and converter

nixos-unstable 1.9.8
- nixpkgs-unstable 1.9.8
- nixos-unstable-small 1.9.8
nixos-25.11 1.9.5
- nixos-25.11-small 1.9.5
- nixpkgs-25.11-darwin 1.9.5

Package maintainers

@oddlama oddlama <oddlama@oddlama.org>

Untriaged

Permalink CVE-2013-3492

created 1 month ago

XnView 2.03 has a stack-based buffer overflow vulnerability

References

http://www.securityfocus.com/bid/61503 x_refsource_MISC
http://www.securityfocus.com/bid/61503 x_transferred x_refsource_MISC
http://www.securityfocus.com/bid/61503 x_refsource_MISC
http://www.securityfocus.com/bid/61503 x_transferred x_refsource_MISC

Affected products

XnView

==2.03

Matching in nixpkgs

pkgs.xnviewmp

Efficient multimedia viewer, browser and converter

nixos-unstable 1.9.8
- nixpkgs-unstable 1.9.8
- nixos-unstable-small 1.9.8
nixos-25.11 1.9.5
- nixos-25.11-small 1.9.5
- nixpkgs-25.11-darwin 1.9.5

Package maintainers

@oddlama oddlama <oddlama@oddlama.org>

Untriaged

Permalink CVE-2013-3941

created 1 month ago

Xjp2.dll in XnView before 2.13 allows remote attackers to execute …

Xjp2.dll in XnView before 2.13 allows remote attackers to execute arbitrary code via (1) the Csiz parameter in a SIZ marker, which triggers an incorrect memory allocation, or (2) the lqcd field in a QCD marker in a crafted JPEG2000 file, which leads to a heap-based buffer overflow.

References

http://newsgroup.xnview.com/viewtopic.php?f=35&t=29087 x_refsource_MISC
http://secunia.com/advisories/52101 x_refsource_MISC
http://secunia.com/advisories/52101 x_transferred x_refsource_MISC
http://newsgroup.xnview.com/viewtopic.php?f=35&t=29087 x_transferred x_refsource_MISC
http://newsgroup.xnview.com/viewtopic.php?f=35&t=29087 x_refsource_MISC
http://secunia.com/advisories/52101 x_refsource_MISC
http://secunia.com/advisories/52101 x_transferred x_refsource_MISC
http://newsgroup.xnview.com/viewtopic.php?f=35&t=29087 x_transferred x_refsource_MISC

Affected products

XnView

==before 2.13

Matching in nixpkgs

pkgs.xnviewmp

Efficient multimedia viewer, browser and converter

nixos-unstable 1.9.8
- nixpkgs-unstable 1.9.8
- nixos-unstable-small 1.9.8
nixos-25.11 1.9.5
- nixos-25.11-small 1.9.5
- nixpkgs-25.11-darwin 1.9.5

Package maintainers

@oddlama oddlama <oddlama@oddlama.org>

Untriaged

Permalink CVE-2013-3939

created 1 month ago

xnview.exe in XnView before 2.13 does not properly handle RLE …

xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB files, which allows remote attackers to execute arbitrary code via the RLE strip size field in a RGB file, which leads to an unexpected sign extension error and a heap-based buffer overflow.

References

52101 x_refsource_SECUNIA third-party-advisory
http://newsgroup.xnview.com/viewtopic.php?f=35&t=29087 x_refsource_CONFIRM
52101 x_refsource_SECUNIA third-party-advisory x_transferred
http://newsgroup.xnview.com/viewtopic.php?f=35&t=29087 x_transferred x_refsource_CONFIRM
52101 x_refsource_SECUNIA third-party-advisory
http://newsgroup.xnview.com/viewtopic.php?f=35&t=29087 x_refsource_CONFIRM
52101 x_refsource_SECUNIA third-party-advisory x_transferred
http://newsgroup.xnview.com/viewtopic.php?f=35&t=29087 x_transferred x_refsource_CONFIRM

Affected products

XnView

==before 2.13

Matching in nixpkgs

pkgs.xnviewmp

Efficient multimedia viewer, browser and converter

nixos-unstable 1.9.8
- nixpkgs-unstable 1.9.8
- nixos-unstable-small 1.9.8
nixos-25.11 1.9.5
- nixos-25.11-small 1.9.5
- nixpkgs-25.11-darwin 1.9.5

Package maintainers

@oddlama oddlama <oddlama@oddlama.org>

Untriaged

Permalink CVE-2013-3937

created 1 month ago

Heap-based buffer overflow in xnview.exe in XnView before 2.13 allows …

Heap-based buffer overflow in xnview.exe in XnView before 2.13 allows remote attackers to execute arbitrary code via the biBitCount field in a BMP file.

References

52101 x_refsource_SECUNIA third-party-advisory
http://newsgroup.xnview.com/viewtopic.php?f=35&t=29087 x_refsource_CONFIRM
52101 x_refsource_SECUNIA third-party-advisory x_transferred
http://newsgroup.xnview.com/viewtopic.php?f=35&t=29087 x_transferred x_refsource_CONFIRM
52101 x_refsource_SECUNIA third-party-advisory
http://newsgroup.xnview.com/viewtopic.php?f=35&t=29087 x_refsource_CONFIRM
52101 x_refsource_SECUNIA third-party-advisory x_transferred
http://newsgroup.xnview.com/viewtopic.php?f=35&t=29087 x_transferred x_refsource_CONFIRM

Affected products

XnView

==before 2.13

Matching in nixpkgs

pkgs.xnviewmp

Efficient multimedia viewer, browser and converter

nixos-unstable 1.9.8
- nixpkgs-unstable 1.9.8
- nixos-unstable-small 1.9.8
nixos-25.11 1.9.5
- nixos-25.11-small 1.9.5
- nixpkgs-25.11-darwin 1.9.5

Package maintainers

@oddlama oddlama <oddlama@oddlama.org>

Untriaged

Permalink CVE-2013-3247

created 1 month ago

Heap-based buffer overflow in xnview.exe in XnView before 2.03 allows …

Heap-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute arbitrary code via a crafted RLE compressed layer in an XCF file.

References

http://www.fuzzmyapp.com/advisories/FMA-2013-003/FMA-2013-003-EN.xml x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/84642 x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/84642 x_transferred x_refsource_MISC
http://www.fuzzmyapp.com/advisories/FMA-2013-003/FMA-2013-003-EN.xml x_transferred x_refsource_MISC
http://www.fuzzmyapp.com/advisories/FMA-2013-003/FMA-2013-003-EN.xml x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/84642 x_refsource_MISC
http://www.fuzzmyapp.com/advisories/FMA-2013-003/FMA-2013-003-EN.xml x_transferred x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/84642 x_transferred x_refsource_MISC

Affected products

XnView

==before 2.03

Matching in nixpkgs

pkgs.xnviewmp

Efficient multimedia viewer, browser and converter

nixos-unstable 1.9.8
- nixpkgs-unstable 1.9.8
- nixos-unstable-small 1.9.8
nixos-25.11 1.9.5
- nixos-25.11-small 1.9.5
- nixpkgs-25.11-darwin 1.9.5

Package maintainers

@oddlama oddlama <oddlama@oddlama.org>

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs.xnviewmp

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.xnviewmp

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.xnviewmp

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.xnviewmp

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.xnviewmp

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.xnviewmp

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.xnviewmp

Package maintainers