CVE-2008-0064| Date: (C)2008-01-31 (M)2015-12-16 |
| |
| CVSS Score: 9.3 | Access Vector: NETWORK |
| Exploitability Subscore: 8.6 | Access Complexity: MEDIUM |
| Impact Subscore: 10.0 | Authentication: NONE |
| | Confidentiality: COMPLETE |
| | Integrity: COMPLETE |
| | Availability: COMPLETE |
Stack-based buffer overflow in Pierre-emmanuel Gougelet (1) XnView 1.91 and 1.92, (2) NConvert 4.85, and (3) libgfl280.dll in GFL SDK 2.870 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted Radiance RGBE (.hdr) file.
