Shodan
Vulnerabilities
Vulnerable Software
Xnview:  >> Xnview  >> 2.40  Security Vulnerabilities
CVE-2017-8282
XnView Classic for Windows Version 2.40 allows user-assisted remote attackers to execute code via a crafted .mov file that is mishandled during the opening of a directory in "Browser" mode, because of a "User Mode Write AV near NULL" in XnView.exe.
CVSS Score
7.8
EPSS Score
0.006
Published
2017-07-05
CVE-2017-8381
XnView Classic for Windows Version 2.40 allows user-assisted remote attackers to execute code via a crafted .mkv file that is mishandled during the opening of a directory in "Browser" mode, because of a "User Mode Write AV near NULL" in XnView.exe.
CVSS Score
7.8
EPSS Score
0.006
Published
2017-07-05
CVE-2017-10740
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlRbInsertNodeEx+0x000000000000002d."
CVSS Score
7.8
EPSS Score
0.001
Published
2017-07-05
CVE-2017-10741
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlpWaitOnCriticalSection+0x0000000000000121."
CVSS Score
7.8
EPSS Score
0.001
Published
2017-07-05
CVE-2017-10742
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x00000000380a0500 called from ntdll_77df0000!LdrxCallInitRoutine+0x0000000000000016."
CVSS Score
7.8
EPSS Score
0.001
Published
2017-07-05
CVE-2017-10743
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Stack Buffer Overrun (/GS Exception) starting at ntdll_77df0000!LdrpInitializeNode+0x000000000000015b."
CVSS Score
7.8
EPSS Score
0.001
Published
2017-07-05
CVE-2017-10744
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Read Access Violation on Control Flow starting at COMCTL32!CToolTipsMgr::s_ToolTipsWndProc+0x0000000000000032."
CVSS Score
7.8
EPSS Score
0.001
Published
2017-07-05
CVE-2017-10745
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Stack Buffer Overrun (/GS Exception) starting at ntdll_77df0000!RtlProcessFlsData+0x00000000000000b0."
CVSS Score
7.8
EPSS Score
0.001
Published
2017-07-05
CVE-2017-10746
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlEnterCriticalSection+0x0000000000000012."
CVSS Score
7.8
EPSS Score
0.001
Published
2017-07-05
CVE-2017-10747
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at xnview+0x000000000037a8aa."
CVSS Score
7.8
EPSS Score
0.001
Published
2017-07-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved