Vulnerabilities
Vulnerable Software
Xnview:  >> Xnview  >> 2.43  Security Vulnerabilities
Buffer Overflow vulnerability in XNView before 2.50, allows local attackers to execute arbitrary code via crafted GEM bitmap file.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-08-11
XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADImage+0x00000000000032eb."
CVSS Score
7.8
EPSS Score
0.004
Published
2017-10-22
XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at CADImage+0x0000000000285ce1."
CVSS Score
7.8
EPSS Score
0.002
Published
2017-10-22
XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to an "Illegal Instruction Violation starting at xnview+0x0000000000370074."
CVSS Score
7.8
EPSS Score
0.004
Published
2017-10-22
XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Data Execution Prevention Violation near NULL starting at Unknown Symbol @ 0x0000000000000000 called from CADImage+0x0000000000286a79."
CVSS Score
7.8
EPSS Score
0.004
Published
2017-10-22
XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADImage+0x00000000001a78db."
CVSS Score
7.8
EPSS Score
0.002
Published
2017-10-22
XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Data Execution Prevention Violation starting at xnview+0x0000000000580063."
CVSS Score
7.8
EPSS Score
0.004
Published
2017-10-22
XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADImage+0x0000000000002d83."
CVSS Score
7.8
EPSS Score
0.004
Published
2017-10-22
XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADImage+0x00000000000048e7."
CVSS Score
7.8
EPSS Score
0.004
Published
2017-10-22
XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address may be used as a return value starting at CADImage+0x0000000000285e9d."
CVSS Score
7.8
EPSS Score
0.002
Published
2017-10-22


Contact Us

Shodan ® - All rights reserved