CVE-2019-13085
Description
XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x000000000030ecfa.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
XnView Classic 2.48 is vulnerable to an out-of-bounds write during file processing, causing a user-mode write access violation.
Vulnerability
XnView Classic version 2.48.0.0 (x86) contains an out-of-bounds write (OOBW) vulnerability during file processing. The bug triggers a user-mode write access violation at address xnview+0x30ecfa [1]. The exact file type or parsing routine is not specified, but the crash occurs when opening a crafted file.
Exploitation
To exploit this vulnerability, an attacker must convince a user to open a malicious file in XnView Classic. No special privileges are needed; the file can be delivered via email, web download, or other means. Upon opening the file, the out-of-bounds write causes a crash [1]. Successful exploitation may require additional knowledge of memory layout for code execution.
Impact
The immediate impact is a denial of service due to application crash. However, out-of-bounds writes can potentially be leveraged for arbitrary code execution, though no exploit code is provided in the reference [1]. The crash indicates memory corruption, which could be further exploited depending on the attacker's skill.
Mitigation
As of the CVE publication date (2019-06-30), no official patch was available. Users should update XnView Classic to a version newer than 2.48 if a fix exists. Until then, avoid opening untrusted files with XnView Classic. No workaround is documented in the reference [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- XnView/XnView Classic (source: description)
Patches
No patches discovered yet.
References
[1] github.com/apriorit/pentesting/blob/master/bugs/xnview/0x30ecfa.md (MITRE, x_refsource_MISC)