Xnview: Security Vulnerabilities
Untrusted search path vulnerability in XnView before 1.98.1 allows local users to gain privileges via a Trojan horse .exe file in a folder selected by the "Open containing folder" menu item.
CVSS Score
6.9
EPSS Score
0.001
Published
2011-07-11
Heap-based buffer overflow in XnView 1.97.4 and possibly earlier allows remote attackers to execute arbitrary code via a MultiBitMap (MBM) file with a Paint Data Section that contains a malformed Encoding field.
CVSS Score
9.3
EPSS Score
0.08
Published
2010-06-16
Integer overflow in XnView before 1.97.2 might allow remote attackers to execute arbitrary code via a DICOM image with crafted dimensions, leading to a heap-based buffer overflow.
CVSS Score
9.3
EPSS Score
0.121
Published
2010-03-15
Buffer overflow in XnView 1.92.1 allows user-assisted remote attackers to execute arbitrary code via a long filename argument on the command line. NOTE: it is unclear whether there are common handler configurations in which this argument is controlled by an attacker.
CVSS Score
7.6
EPSS Score
0.049
Published
2008-03-24
Page 18