Vulnerability-Lookup

CVE-2013-3939 (GCVE-0-2013-3939)

Vulnerability from cvelistv5 – Published: 2020-01-02 19:11 – Updated: 2024-08-06 16:30

Summary

xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB files, which allows remote attackers to execute arbitrary code via the RLE strip size field in a RGB file, which leads to an unexpected sign extension error and a heap-based buffer overflow.

Severity ?

No CVSS data available.

CWE

Other

Assigner

flexera

References

URL

Tags

	http://secunia.com/advisories/52101	third-party-advisoryx_refsource_SECUNIA
	http://newsgroup.xnview.com/viewtopic.php?f=35&t=29087	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	XnView	XnView	Affected: before 2.13

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:30:48.182Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "52101",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/52101"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://newsgroup.xnview.com/viewtopic.php?f=35\u0026t=29087"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "XnView",
          "vendor": "XnView",
          "versions": [
            {
              "status": "affected",
              "version": "before 2.13"
            }
          ]
        }
      ],
      "datePublic": "2013-12-19T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB files, which allows remote attackers to execute arbitrary code via the RLE strip size field in a RGB file, which leads to an unexpected sign extension error and a heap-based buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Other",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-02T19:11:43.000Z",
        "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "shortName": "flexera"
      },
      "references": [
        {
          "name": "52101",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/52101"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://newsgroup.xnview.com/viewtopic.php?f=35\u0026t=29087"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
          "ID": "CVE-2013-3939",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "XnView",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "before 2.13"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "XnView"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB files, which allows remote attackers to execute arbitrary code via the RLE strip size field in a RGB file, which leads to an unexpected sign extension error and a heap-based buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "52101",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/52101"
            },
            {
              "name": "http://newsgroup.xnview.com/viewtopic.php?f=35\u0026t=29087",
              "refsource": "CONFIRM",
              "url": "http://newsgroup.xnview.com/viewtopic.php?f=35\u0026t=29087"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
    "assignerShortName": "flexera",
    "cveId": "CVE-2013-3939",
    "datePublished": "2020-01-02T19:11:43.000Z",
    "dateReserved": "2013-06-04T00:00:00.000Z",
    "dateUpdated": "2024-08-06T16:30:48.182Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CNVD-2020-14080

Vulnerability from cnvd - Published: 2020-02-27

Title

XnView RGB文件处理缓冲区溢出漏洞

Description

XnView是法国软件开发者Gougelet Pierre-Emmanuel所研发的一套多平台图片查看软件。该软件可用于查看、转换、组织和编辑图形及视频文件。 XnView中存在远程缓冲区溢出漏洞，该漏洞源于程序未正确对用户提供的输入进行边界检查，导致程序复制数据的大小超出了分配的内存缓冲区空间。攻击者可利用该漏洞在应用程序上下文中执行任意代码，也可能造成拒绝服务。XnView 2.04版本中存在漏洞，其他版本也可能受到影响。

Severity

高

Patch Name

XnView RGB文件处理缓冲区溢出漏洞的补丁

Patch Description

Formal description

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： http://newsgroup.xnview.com/viewtopic.php?f=35&t=29087

Reference

http://www.securityfocus.com/bid/64441

Impacted products

Name
Xnview XnView 2.04

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "64441"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2013-3939",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2013-3939"
    }
  },
  "description": "XnView\u662f\u6cd5\u56fd\u8f6f\u4ef6\u5f00\u53d1\u8005Gougelet Pierre-Emmanuel\u6240\u7814\u53d1\u7684\u4e00\u5957\u591a\u5e73\u53f0\u56fe\u7247\u67e5\u770b\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u53ef\u7528\u4e8e\u67e5\u770b\u3001\u8f6c\u6362\u3001\u7ec4\u7ec7\u548c\u7f16\u8f91\u56fe\u5f62\u53ca\u89c6\u9891\u6587\u4ef6\u3002\n\nXnView\u4e2d\u5b58\u5728\u8fdc\u7a0b\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u6b63\u786e\u5bf9\u7528\u6237\u63d0\u4f9b\u7684\u8f93\u5165\u8fdb\u884c\u8fb9\u754c\u68c0\u67e5\uff0c\u5bfc\u81f4\u7a0b\u5e8f\u590d\u5236\u6570\u636e\u7684\u5927\u5c0f\u8d85\u51fa\u4e86\u5206\u914d\u7684\u5185\u5b58\u7f13\u51b2\u533a\u7a7a\u95f4\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u5e94\u7528\u7a0b\u5e8f\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u4e5f\u53ef\u80fd\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002XnView 2.04\u7248\u672c\u4e2d\u5b58\u5728\u6f0f\u6d1e\uff0c\u5176\u4ed6\u7248\u672c\u4e5f\u53ef\u80fd\u53d7\u5230\u5f71\u54cd\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttp://newsgroup.xnview.com/viewtopic.php?f=35\u0026t=29087",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-14080",
  "openTime": "2020-02-27",
  "patchDescription": "XnView\u662f\u6cd5\u56fd\u8f6f\u4ef6\u5f00\u53d1\u8005Gougelet Pierre-Emmanuel\u6240\u7814\u53d1\u7684\u4e00\u5957\u591a\u5e73\u53f0\u56fe\u7247\u67e5\u770b\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u53ef\u7528\u4e8e\u67e5\u770b\u3001\u8f6c\u6362\u3001\u7ec4\u7ec7\u548c\u7f16\u8f91\u56fe\u5f62\u53ca\u89c6\u9891\u6587\u4ef6\u3002\r\n\r\nXnView\u4e2d\u5b58\u5728\u8fdc\u7a0b\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u6b63\u786e\u5bf9\u7528\u6237\u63d0\u4f9b\u7684\u8f93\u5165\u8fdb\u884c\u8fb9\u754c\u68c0\u67e5\uff0c\u5bfc\u81f4\u7a0b\u5e8f\u590d\u5236\u6570\u636e\u7684\u5927\u5c0f\u8d85\u51fa\u4e86\u5206\u914d\u7684\u5185\u5b58\u7f13\u51b2\u533a\u7a7a\u95f4\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u5e94\u7528\u7a0b\u5e8f\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u4e5f\u53ef\u80fd\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002XnView 2.04\u7248\u672c\u4e2d\u5b58\u5728\u6f0f\u6d1e\uff0c\u5176\u4ed6\u7248\u672c\u4e5f\u53ef\u80fd\u53d7\u5230\u5f71\u54cd\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "XnView RGB\u6587\u4ef6\u5904\u7406\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Xnview XnView 2.04"
  },
  "referenceLink": "http://www.securityfocus.com/bid/64441",
  "serverity": "\u9ad8",
  "submitTime": "2020-01-07",
  "title": "XnView RGB\u6587\u4ef6\u5904\u7406\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}

GHSA-WFQ4-7R76-PFCQ

Vulnerability from github – Published: 2022-05-05 00:29 – Updated: 2022-05-05 00:29

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-3939"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-01-02T20:15:00Z",
    "severity": "MODERATE"
  },
  "details": "xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB files, which allows remote attackers to execute arbitrary code via the RLE strip size field in a RGB file, which leads to an unexpected sign extension error and a heap-based buffer overflow.",
  "id": "GHSA-wfq4-7r76-pfcq",
  "modified": "2022-05-05T00:29:16Z",
  "published": "2022-05-05T00:29:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-3939"
    },
    {
      "type": "WEB",
      "url": "http://newsgroup.xnview.com/viewtopic.php?f=35\u0026t=29087"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/52101"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2013-3939

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2013-3939

Aliases

CVE-2013-3939

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-3939",
    "description": "xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB files, which allows remote attackers to execute arbitrary code via the RLE strip size field in a RGB file, which leads to an unexpected sign extension error and a heap-based buffer overflow.",
    "id": "GSD-2013-3939"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-3939"
      ],
      "details": "xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB files, which allows remote attackers to execute arbitrary code via the RLE strip size field in a RGB file, which leads to an unexpected sign extension error and a heap-based buffer overflow.",
      "id": "GSD-2013-3939",
      "modified": "2023-12-13T01:22:22.757651Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
        "ID": "CVE-2013-3939",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "XnView",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "before 2.13"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "XnView"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB files, which allows remote attackers to execute arbitrary code via the RLE strip size field in a RGB file, which leads to an unexpected sign extension error and a heap-based buffer overflow."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Other"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "52101",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/52101"
          },
          {
            "name": "http://newsgroup.xnview.com/viewtopic.php?f=35\u0026t=29087",
            "refsource": "CONFIRM",
            "url": "http://newsgroup.xnview.com/viewtopic.php?f=35\u0026t=29087"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:xnview:xnview:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.13",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
          "ID": "CVE-2013-3939"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB files, which allows remote attackers to execute arbitrary code via the RLE strip size field in a RGB file, which leads to an unexpected sign extension error and a heap-based buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-787"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://newsgroup.xnview.com/viewtopic.php?f=35\u0026t=29087",
              "refsource": "CONFIRM",
              "tags": [
                "Permissions Required",
                "Vendor Advisory"
              ],
              "url": "http://newsgroup.xnview.com/viewtopic.php?f=35\u0026t=29087"
            },
            {
              "name": "52101",
              "refsource": "SECUNIA",
              "tags": [
                "Not Applicable",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/52101"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2020-01-15T14:16Z",
      "publishedDate": "2020-01-02T20:15Z"
    }
  }
}

FKIE_CVE-2013-3939

Vulnerability from fkie_nvd - Published: 2020-01-02 20:15 - Updated: 2024-11-21 01:54

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
PSIRT-CNA@flexerasoftware.com	http://newsgroup.xnview.com/viewtopic.php?f=35&t=29087	Permissions Required, Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/52101	Not Applicable, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://newsgroup.xnview.com/viewtopic.php?f=35&t=29087	Permissions Required, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/52101	Not Applicable, Vendor Advisory

Impacted products

	Vendor	Product	Version
	xnview	xnview	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:xnview:xnview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7CE9A60-E0EA-413A-B058-007F50D879F5",
              "versionEndExcluding": "2.13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB files, which allows remote attackers to execute arbitrary code via the RLE strip size field in a RGB file, which leads to an unexpected sign extension error and a heap-based buffer overflow."
    },
    {
      "lang": "es",
      "value": "El archivo xnview.exe en XnView versiones anteriores a 2.13, no maneja apropiadamente las longitudes de banda RLE durante el procesamiento de archivos RGB, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario por medio del campo de tama\u00f1o de banda RLE en un archivo RGB, lo que conlleva a un error de extensi\u00f3n de signo inesperado y un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria."
    }
  ],
  "id": "CVE-2013-3939",
  "lastModified": "2024-11-21T01:54:34.680",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-01-02T20:15:14.053",
  "references": [
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Permissions Required",
        "Vendor Advisory"
      ],
      "url": "http://newsgroup.xnview.com/viewtopic.php?f=35\u0026t=29087"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Not Applicable",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/52101"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Vendor Advisory"
      ],
      "url": "http://newsgroup.xnview.com/viewtopic.php?f=35\u0026t=29087"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/52101"
    }
  ],
  "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2013-3939 (GCVE-0-2013-3939)

CNVD-2020-14080

GHSA-WFQ4-7R76-PFCQ

GSD-2013-3939

FKIE_CVE-2013-3939

Tags

Sightings

Nomenclature