CVE-2009-4001 Information

Description

Integer overflow in XnView before 1.97.2 might allow remote attackers to execute arbitrary code via a DICOM image with crafted dimensions leading to a heap-based buffer overflow.

Reference

http://newsgroup.xnview.com/viewtopic.php?f=35&t=19469 http://secunia.com/secunia_research/2009-60/ http://www.osvdb.org/62829 http://www.securityfocus.com/archive/1/509999/100/0/threaded http://www.securityfocus.com/bid/38629 https://exchange.xforce.ibmcloud.com/vulnerabilities/56802