Unrated severityNVD Advisory· Published Jul 11, 2011· Updated Apr 29, 2026

CVE-2011-1338

Description

Untrusted search path vulnerability in XnView before 1.98.1 allows local users to gain privileges via a Trojan horse .exe file in a folder selected by the "Open containing folder" menu item.

Affected products

Xnview/Xnview7 versions
cpe:2.3:a:xnview:xnview:*:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:xnview:xnview:*:*:*:*:*:*:*:*range: <=1.98
- cpe:2.3:a:xnview:xnview:1.74:*:*:*:*:*:*:*
- cpe:2.3:a:xnview:xnview:1.80:*:*:*:*:*:*:*
- cpe:2.3:a:xnview:xnview:1.80.1:*:*:*:*:*:*:*
- cpe:2.3:a:xnview:xnview:1.80.2:*:*:*:*:*:*:*
- cpe:2.3:a:xnview:xnview:1.80.3:*:*:*:*:*:*:*
- cpe:2.3:a:xnview:xnview:1.82:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/45127nvdVendor Advisory
jvn.jp/en/jp/JVN17844633/index.htmlnvd
jvndb.jvn.jp/jvndb/JVNDB-2011-000050nvd
www.osvdb.org/73619nvd
www.securityfocus.com/bid/48562nvd
exchange.xforce.ibmcloud.com/vulnerabilities/68369nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000