John Bradley : Security Vulnerabilities, CVEs,
Format string vulnerability in xv before 3.10a allows remote attackers to execute arbitrary code via format string specifiers in a filename.
Max CVSS
5.1
EPSS Score
0.49%
Published
2005-05-02
Updated
2008-09-05
Multiple integer overflows in (1) xviris.c, (2) xvpcx.c, and (3) xvpm.c in XV allow remote attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow.
Max CVSS
7.5
EPSS Score
2.55%
Published
2004-08-20
Updated
2017-07-11
Stack-based buffer overflow in xvbmp.c in XV allows remote attackers to execute arbitrary code via a crafted image file.
Max CVSS
7.5
EPSS Score
1.62%
Published
2004-12-31
Updated
2017-07-11
3 vulnerabilities found