Shodan
Vulnerabilities
Vulnerable Software
Xnview:  Security Vulnerabilities
CVE-2017-10763
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpFindLoadedDllByHandle+0x0000000000000031."
CVSS Score
7.8
EPSS Score
0.001
Published
2017-07-05
CVE-2017-10764
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at COMCTL32!Tab_OnGetItem+0x000000000000002f."
CVSS Score
7.8
EPSS Score
0.001
Published
2017-07-05
CVE-2017-10765
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at IMM32!ImmLockImeDpi+0x0000000000000050."
CVSS Score
7.8
EPSS Score
0.001
Published
2017-07-05
CVE-2017-10766
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at GDI32!ScriptStringAnalyse+0x00000000000001c8."
CVSS Score
7.8
EPSS Score
0.001
Published
2017-07-05
CVE-2017-10736
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at msvcrt!_VEC_memzero+0x000000000000006a."
CVSS Score
7.8
EPSS Score
0.001
Published
2017-07-05
CVE-2017-10737
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlpCoalesceFreeBlocks+0x00000000000002e6."
CVSS Score
7.8
EPSS Score
0.001
Published
2017-07-05
CVE-2017-10738
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x000000002f32332f called from KERNELBASE!CompareStringW+0x0000000000000082."
CVSS Score
7.8
EPSS Score
0.001
Published
2017-07-05
CVE-2017-10739
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x000000000c1b541c called from xnview+0x00000000003826ec."
CVSS Score
7.8
EPSS Score
0.001
Published
2017-07-05
CVE-2012-4988
Heap-based buffer overflow in the xjpegls.dll (aka JLS, JPEG-LS, or JPEG lossless) format plugin in XnView 1.99 and 1.99.1 allows remote attackers to execute arbitrary code via a crafted JLS image file.
CVSS Score
9.3
EPSS Score
0.483
Published
2014-07-09
CVE-2013-3938
Integer overflow in xnview.exe in XnView 2.13 allows remote attackers to execute arbitrary code via a large NUM_ELEMENTS field in an IFD_ENTRY structure in a JXR file, which triggers a heap-based buffer overflow.
CVSS Score
9.3
EPSS Score
0.1
Published
2014-03-18


Products
Pricing
Contact Us

Shodan ® - All rights reserved