Primary

Context

XnSoft NConvert Stack Buffer Overrun Vulnerability

Vulnerability

A stack buffer overrun vulnerability has been identified in XnSoft NConvert version 7.230. This vulnerability can be exploited by using a crafted .tiff file, leading to a denial-of-service condition.

Impact

Exploitation of this vulnerability causes a stack buffer overrun, which can disrupt the normal operation of the application and potentially allow for arbitrary code execution.

Reproduction

The vulnerability can be reproduced by using the command line option '-out tiff' with a crafted .tiff file named 'id_000003_00'. This command will trigger the stack buffer overrun while processing the file.

Added: Mar 23, 2026, 5:25 PM

Updated: Mar 23, 2026, 5:25 PM

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

2.5

exploitability

5.6

remediation

0.0

relevance

4.6

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

2.5

exploitability

5.6

remediation

0.0

relevance

4.6

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

XnSoft NConvert Stack Buffer Overrun Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

XnSoft NConvert

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating