Nixpkgs security tracker

Permalink CVE-2013-3246

created 2 months ago Activity log

Created suggestion 2 months ago

Stack-based buffer overflow in xnview.exe in XnView before 2.03 allows …

Stack-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute arbitrary code via a crafted image layer in an XCF file.

References

http://www.fuzzmyapp.com/advisories/FMA-2013-003/FMA-2013-003-EN.xml x_transferredx_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/84643 x_transferredx_refsource_MISC

Affected products

XnView

==before 2.03

Matching in nixpkgs

pkgs.xnviewmp

Efficient multimedia viewer, browser and converter

nixos-unstable 1.9.8
- nixpkgs-unstable 1.9.8
- nixos-unstable-small 1.9.8
nixos-25.11 1.9.5
- nixos-25.11-small 1.9.5
- nixpkgs-25.11-darwin 1.9.5

Package maintainers

@oddlama oddlama <oddlama@oddlama.org>

Permalink CVE-2013-3247

created 2 months ago Activity log

Created suggestion 2 months ago

Heap-based buffer overflow in xnview.exe in XnView before 2.03 allows …

Heap-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute arbitrary code via a crafted RLE compressed layer in an XCF file.

References

http://www.fuzzmyapp.com/advisories/FMA-2013-003/FMA-2013-003-EN.xml x_transferredx_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/84642 x_transferredx_refsource_MISC

Affected products

XnView

==before 2.03

Matching in nixpkgs

pkgs.xnviewmp

Efficient multimedia viewer, browser and converter

nixos-unstable 1.9.8
- nixpkgs-unstable 1.9.8
- nixos-unstable-small 1.9.8
nixos-25.11 1.9.5
- nixos-25.11-small 1.9.5
- nixpkgs-25.11-darwin 1.9.5

Package maintainers

@oddlama oddlama <oddlama@oddlama.org>

Permalink CVE-2013-3937

created 2 months ago Activity log

Created suggestion 2 months ago

Heap-based buffer overflow in xnview.exe in XnView before 2.13 allows …

Heap-based buffer overflow in xnview.exe in XnView before 2.13 allows remote attackers to execute arbitrary code via the biBitCount field in a BMP file.

References

52101 x_transferredx_refsource_SECUNIAthird-party-advisory
http://newsgroup.xnview.com/viewtopic.php?f=35&t=29087 x_refsource_CONFIRMx_transferred

Affected products

XnView

==before 2.13

Matching in nixpkgs

pkgs.xnviewmp

Efficient multimedia viewer, browser and converter

nixos-unstable 1.9.8
- nixpkgs-unstable 1.9.8
- nixos-unstable-small 1.9.8
nixos-25.11 1.9.5
- nixos-25.11-small 1.9.5
- nixpkgs-25.11-darwin 1.9.5

Package maintainers

@oddlama oddlama <oddlama@oddlama.org>

Permalink CVE-2013-3492

created 2 months ago Activity log

Created suggestion 2 months ago

XnView 2.03 has a stack-based buffer overflow vulnerability

References

http://www.securityfocus.com/bid/61503 x_transferredx_refsource_MISC

Affected products

XnView

==2.03

Matching in nixpkgs

pkgs.xnviewmp

Efficient multimedia viewer, browser and converter

nixos-unstable 1.9.8
- nixpkgs-unstable 1.9.8
- nixos-unstable-small 1.9.8
nixos-25.11 1.9.5
- nixos-25.11-small 1.9.5
- nixpkgs-25.11-darwin 1.9.5

Package maintainers

@oddlama oddlama <oddlama@oddlama.org>

Permalink CVE-2013-3941

created 2 months ago Activity log

Created suggestion 2 months ago

Xjp2.dll in XnView before 2.13 allows remote attackers to execute …

Xjp2.dll in XnView before 2.13 allows remote attackers to execute arbitrary code via (1) the Csiz parameter in a SIZ marker, which triggers an incorrect memory allocation, or (2) the lqcd field in a QCD marker in a crafted JPEG2000 file, which leads to a heap-based buffer overflow.

References

http://newsgroup.xnview.com/viewtopic.php?f=35&t=29087 x_transferredx_refsource_MISC
http://secunia.com/advisories/52101 x_transferredx_refsource_MISC

Affected products

XnView

==before 2.13

Matching in nixpkgs

pkgs.xnviewmp

Efficient multimedia viewer, browser and converter

nixos-unstable 1.9.8
- nixpkgs-unstable 1.9.8
- nixos-unstable-small 1.9.8
nixos-25.11 1.9.5
- nixos-25.11-small 1.9.5
- nixpkgs-25.11-darwin 1.9.5

Package maintainers

@oddlama oddlama <oddlama@oddlama.org>

Permalink CVE-2013-3493

created 2 months ago Activity log

Created suggestion 2 months ago

XnView 2.03 has an integer overflow vulnerability

References

http://www.securityfocus.com/bid/61505 x_transferredx_refsource_MISC

Affected products

XnView

==2.03

Matching in nixpkgs

pkgs.xnviewmp

Efficient multimedia viewer, browser and converter

nixos-unstable 1.9.8
- nixpkgs-unstable 1.9.8
- nixos-unstable-small 1.9.8
nixos-25.11 1.9.5
- nixos-25.11-small 1.9.5
- nixpkgs-25.11-darwin 1.9.5

Package maintainers

@oddlama oddlama <oddlama@oddlama.org>

Permalink CVE-2013-3939

created 2 months ago Activity log

Created suggestion 2 months ago

xnview.exe in XnView before 2.13 does not properly handle RLE …

xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB files, which allows remote attackers to execute arbitrary code via the RLE strip size field in a RGB file, which leads to an unexpected sign extension error and a heap-based buffer overflow.

References

52101 x_transferredx_refsource_SECUNIAthird-party-advisory
http://newsgroup.xnview.com/viewtopic.php?f=35&t=29087 x_transferredx_refsource_CONFIRM

Affected products

XnView

==before 2.13

Matching in nixpkgs

pkgs.xnviewmp

Efficient multimedia viewer, browser and converter

nixos-unstable 1.9.8
- nixpkgs-unstable 1.9.8
- nixos-unstable-small 1.9.8
nixos-25.11 1.9.5
- nixos-25.11-small 1.9.5
- nixpkgs-25.11-darwin 1.9.5

Package maintainers

@oddlama oddlama <oddlama@oddlama.org>

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs.xnviewmp

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.xnviewmp

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.xnviewmp

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.xnviewmp

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.xnviewmp

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.xnviewmp

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.xnviewmp

Package maintainers