Vulnerabilities > CVE-2004-1726 - Buffer Overflow and Integer Handling vulnerability in John Bradley XV 3.10A

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
john-bradley

Summary

Multiple integer overflows in (1) xviris.c, (2) xvpcx.c, and (3) xvpm.c in XV allow remote attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow.

Vulnerable Configurations

Part Description Count
Application
John_Bradley
1