CVE-2019-13261
Description
XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000328384.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
XnView Classic 2.48 is vulnerable to a user-mode write access violation when opening a specially crafted file, leading to a crash and potentially arbitrary code execution.
Vulnerability
XnView Classic version 2.48 (x86) contains a user-mode write access violation vulnerability at offset 0x0000000000328384 in the xnview.exe binary. The crash occurs when the application attempts to process a malformed image file, as demonstrated by a proof-of-concept file (id_000055_00) [1]. The vulnerability is triggered during file parsing, indicating a lack of proper bounds checking or input validation.
Exploitation
An attacker can exploit this vulnerability by crafting a malicious image file that triggers the write access violation when opened with XnView Classic 2.48. No special privileges are required; the victim only needs to open the file using the vulnerable application. The attacker does not need network access beyond delivering the file (e.g., via email, download, or removable media). The crash occurs immediately upon file processing, as shown in the debugger output [1].
Impact
Successful exploitation causes a user-mode write access violation, resulting in a denial of service (application crash). Depending on memory layout and exploitability, this vulnerability could potentially be leveraged to achieve arbitrary code execution in the context of the current user. However, the available reference only confirms a crash [1].
Mitigation
As of the publication date (2019-07-04), no official patch or fixed version has been released for XnView Classic 2.48. Users are advised to avoid opening untrusted image files with this version and consider upgrading to a newer version if available. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- XnView/XnView Classic
Patches
No patches discovered yet.
References
[1] github.com/apriorit/pentesting/blob/master/bugs/xnview/0x0000000000328384.md (MITRE, x_refsource_MISC)