Xnview
Sign in to watchby Xnview
CVEs (131)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-10747 | Hig | 0.51 | 7.8 | 0.00 | Jul 5, 2017 | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at xnview+0x000000000037a8aa." | |
| CVE-2017-10746 | Hig | 0.51 | 7.8 | 0.00 | Jul 5, 2017 | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlEnterCriticalSection+0x0000000000000012." | |
| CVE-2017-10745 | Hig | 0.51 | 7.8 | 0.00 | Jul 5, 2017 | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Stack Buffer Overrun (/GS Exception) starting at ntdll_77df0000!RtlProcessFlsData+0x00000000000000b0." | |
| CVE-2017-10744 | Hig | 0.51 | 7.8 | 0.00 | Jul 5, 2017 | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Read Access Violation on Control Flow starting at COMCTL32!CToolTipsMgr::s_ToolTipsWndProc+0x0000000000000032." | |
| CVE-2017-10743 | Hig | 0.51 | 7.8 | 0.00 | Jul 5, 2017 | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Stack Buffer Overrun (/GS Exception) starting at ntdll_77df0000!LdrpInitializeNode+0x000000000000015b." | |
| CVE-2017-10742 | Hig | 0.51 | 7.8 | 0.00 | Jul 5, 2017 | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x00000000380a0500 called from ntdll_77df0000!LdrxCallInitRoutine+0x0000000000000016." | |
| CVE-2017-10741 | Hig | 0.51 | 7.8 | 0.00 | Jul 5, 2017 | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlpWaitOnCriticalSection+0x0000000000000121." | |
| CVE-2017-10740 | Hig | 0.51 | 7.8 | 0.00 | Jul 5, 2017 | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlRbInsertNodeEx+0x000000000000002d." | |
| CVE-2017-10739 | Hig | 0.51 | 7.8 | 0.00 | Jul 5, 2017 | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x000000000c1b541c called from xnview+0x00000000003826ec." | |
| CVE-2017-10738 | Hig | 0.51 | 7.8 | 0.00 | Jul 5, 2017 | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x000000002f32332f called from KERNELBASE!CompareStringW+0x0000000000000082." | |
| CVE-2017-10737 | Hig | 0.51 | 7.8 | 0.00 | Jul 5, 2017 | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlpCoalesceFreeBlocks+0x00000000000002e6." | |
| CVE-2017-10736 | Hig | 0.51 | 7.8 | 0.00 | Jul 5, 2017 | XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at msvcrt!_VEC_memzero+0x000000000000006a." | |
| CVE-2013-2577 | 0.06 | — | 0.32 | Aug 9, 2013 | Buffer overflow in XnView before 2.04 allows remote attackers to execute arbitrary code via a crafted PCT file. | ||
| CVE-2012-0282 | 0.04 | — | 0.11 | Jul 17, 2012 | Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted ImageLeftPosition value in an ImageDescriptor structure in a GIF image. | ||
| CVE-2012-0276 | 0.04 | — | 0.17 | Jul 17, 2012 | Multiple heap-based buffer overflows in XnView before 1.99 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a (1) SGI32LogLum compressed TIFF image or (2) SGI32LogLum compressed TIFF image with the PhotometricInterpretation encoding set to LogL. | ||
| CVE-2010-1932 | 0.04 | — | 0.08 | Jun 16, 2010 | Heap-based buffer overflow in XnView 1.97.4 and possibly earlier allows remote attackers to execute arbitrary code via a MultiBitMap (MBM) file with a Paint Data Section that contains a malformed Encoding field. | ||
| CVE-2012-0277 | 0.03 | — | 0.06 | Jul 17, 2012 | Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PCT image. | ||
| CVE-2008-1461 | 0.03 | — | 0.05 | Mar 24, 2008 | Buffer overflow in XnView 1.92.1 allows user-assisted remote attackers to execute arbitrary code via a long filename argument on the command line. NOTE: it is unclear whether there are common handler configurations in which this argument is controlled by an attacker. | ||
| CVE-2013-3938 | 0.01 | — | 0.12 | Mar 18, 2014 | Integer overflow in xnview.exe in XnView 2.13 allows remote attackers to execute arbitrary code via a large NUM_ELEMENTS field in an IFD_ENTRY structure in a JXR file, which triggers a heap-based buffer overflow. | ||
| CVE-2009-4001 | 0.01 | — | 0.12 | Mar 15, 2010 | Integer overflow in XnView before 1.97.2 might allow remote attackers to execute arbitrary code via a DICOM image with crafted dimensions, leading to a heap-based buffer overflow. |
Page 6 of 7