Xnview

Xnview

156 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2017-10737

  • EPSS 0.05%
  • Published 05.07.2017 20:29:00
  • Last modified 20.04.2025 01:37:25

XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at ntdll_77df0000!RtlpCoalesceFreeBlocks+0x00000000000002e6."

7.8

CVE-2017-10738

  • EPSS 0.05%
  • Published 05.07.2017 20:29:00
  • Last modified 20.04.2025 01:37:25

XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x000000002f32332f called from KER...

7.8

CVE-2017-10739

  • EPSS 0.05%
  • Published 05.07.2017 20:29:00
  • Last modified 20.04.2025 01:37:25

XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x000000000c1b541c called from xnv...

9.3

CVE-2012-4988

  • EPSS 48.29%
  • Published 09.07.2014 14:55:03
  • Last modified 12.04.2025 10:46:40

Heap-based buffer overflow in the xjpegls.dll (aka JLS, JPEG-LS, or JPEG lossless) format plugin in XnView 1.99 and 1.99.1 allows remote attackers to execute arbitrary code via a crafted JLS image file.

9.3

CVE-2013-3938

  • EPSS 9.95%
  • Published 18.03.2014 17:02:52
  • Last modified 12.04.2025 10:46:40

Integer overflow in xnview.exe in XnView 2.13 allows remote attackers to execute arbitrary code via a large NUM_ELEMENTS field in an IFD_ENTRY structure in a JXR file, which triggers a heap-based buffer overflow.

9.3

CVE-2013-2577

Exploit
  • EPSS 31.79%
  • Published 09.08.2013 21:55:06
  • Last modified 11.04.2025 00:51:21

Buffer overflow in XnView before 2.04 allows remote attackers to execute arbitrary code via a crafted PCT file.

6.8

CVE-2012-0276

Exploit
  • EPSS 14.93%
  • Published 17.07.2012 21:55:01
  • Last modified 11.04.2025 00:51:21

Multiple heap-based buffer overflows in XnView before 1.99 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a (1) SGI32LogLum compressed TIFF image or (2) SGI32LogLum compressed TIFF imag...

6.8

CVE-2012-0277

  • EPSS 4.56%
  • Published 17.07.2012 21:55:01
  • Last modified 11.04.2025 00:51:21

Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PCT image.

6.8

CVE-2012-0282

Exploit
  • EPSS 11.25%
  • Published 17.07.2012 21:55:01
  • Last modified 11.04.2025 00:51:21

Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted ImageLeftPosition value in an ImageDescriptor structure in a GIF image.

9.3

CVE-2012-0684

  • EPSS 2.93%
  • Published 09.05.2012 10:33:14
  • Last modified 11.04.2025 00:51:21

Integer overflow in XnViewer (aka XnView) before 1.98.5 allows remote attackers to execute arbitrary code via a crafted file containing PSD record types, a different vulnerability than CVE-2012-0685.