CVE-2019-13083
Description
XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000384e2a.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
XnView Classic 2.48 is vulnerable to an out-of-bounds write during file processing, potentially leading to code execution.
Vulnerability
XnView Classic version 2.48 (xnview.exe 2.48.0.0) contains an out-of-bounds write vulnerability during file processing. The bug is triggered at offset 0x384e2a, causing a user-mode write access violation [1].
Exploitation
An attacker must convince a user to open a specially crafted file in XnView Classic. Once the file is processed, the out-of-bounds write occurs, potentially corrupting memory.
Impact
Successful exploitation could lead to a crash or arbitrary code execution in the context of the current user. The vulnerability is classified as a high-severity issue due to the potential for memory corruption [1].
Mitigation
As of the publication date (2019-06-30), no fixed version is available. Users should consider upgrading to a newer, supported version of XnView or avoid opening untrusted files with XnView Classic 2.48.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- XnView/XnView Classicdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- github.com/apriorit/pentesting/blob/master/bugs/xnview/0x384e2a.mdmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.