Xnview

Xnview

156 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2017-10737

  • EPSS 0.36%
  • Veröffentlicht 05.07.2017 20:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlpCoalesceFreeBlocks+0x00000000000002e6."

7.8

CVE-2017-10738

  • EPSS 0.36%
  • Veröffentlicht 05.07.2017 20:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x000000002f32332f called from KER...

7.8

CVE-2017-10739

  • EPSS 0.36%
  • Veröffentlicht 05.07.2017 20:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x000000000c1b541c called from xnv...

9.3

CVE-2012-4988

  • EPSS 9.85%
  • Veröffentlicht 09.07.2014 14:55:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Heap-based buffer overflow in the xjpegls.dll (aka JLS, JPEG-LS, or JPEG lossless) format plugin in XnView 1.99 and 1.99.1 allows remote attackers to execute arbitrary code via a crafted JLS image file.

9.3

CVE-2013-3938

  • EPSS 3.5%
  • Veröffentlicht 18.03.2014 17:02:52
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Integer overflow in xnview.exe in XnView 2.13 allows remote attackers to execute arbitrary code via a large NUM_ELEMENTS field in an IFD_ENTRY structure in a JXR file, which triggers a heap-based buffer overflow.

9.3

CVE-2013-2577

Exploit
  • EPSS 11.84%
  • Veröffentlicht 09.08.2013 21:55:06
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Buffer overflow in XnView before 2.04 allows remote attackers to execute arbitrary code via a crafted PCT file.

6.8

CVE-2012-0276

Exploit
  • EPSS 8.32%
  • Veröffentlicht 17.07.2012 21:55:01
  • Zuletzt bearbeitet 16.06.2026 23:37:01

Multiple heap-based buffer overflows in XnView before 1.99 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a (1) SGI32LogLum compressed TIFF image or (2) SGI32LogLum compressed TIFF imag...

6.8

CVE-2012-0277

  • EPSS 8.01%
  • Veröffentlicht 17.07.2012 21:55:01
  • Zuletzt bearbeitet 16.06.2026 23:37:02

Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PCT image.

6.8

CVE-2012-0282

Exploit
  • EPSS 7.45%
  • Veröffentlicht 17.07.2012 21:55:01
  • Zuletzt bearbeitet 16.06.2026 23:37:02

Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted ImageLeftPosition value in an ImageDescriptor structure in a GIF image.

9.3

CVE-2012-0684

  • EPSS 3.74%
  • Veröffentlicht 09.05.2012 10:33:14
  • Zuletzt bearbeitet 16.06.2026 23:38:04

Integer overflow in XnViewer (aka XnView) before 1.98.5 allows remote attackers to execute arbitrary code via a crafted file containing PSD record types, a different vulnerability than CVE-2012-0685.