CVE-2012-0685
- EPSS 2.93%
- Veröffentlicht 09.05.2012 10:33:14
- Zuletzt bearbeitet 11.04.2025 00:51:21
Integer overflow in XnViewer (aka XnView) before 1.98.5 allows remote attackers to execute arbitrary code via a crafted file containing PSD record types, a different vulnerability than CVE-2012-0684.
CVE-2012-1051
- EPSS 3.14%
- Veröffentlicht 13.02.2012 19:55:01
- Zuletzt bearbeitet 11.04.2025 00:51:21
Heap-based buffer overflow in Xjp2.dll in the JPEG2000 plug-in in XnView 1.98.5 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment.
CVE-2011-1338
- EPSS 0.05%
- Veröffentlicht 11.07.2011 20:55:00
- Zuletzt bearbeitet 11.04.2025 00:51:21
Untrusted search path vulnerability in XnView before 1.98.1 allows local users to gain privileges via a Trojan horse .exe file in a folder selected by the "Open containing folder" menu item.
CVE-2010-1932
- EPSS 8.26%
- Veröffentlicht 16.06.2010 20:30:02
- Zuletzt bearbeitet 11.04.2025 00:51:21
Heap-based buffer overflow in XnView 1.97.4 and possibly earlier allows remote attackers to execute arbitrary code via a MultiBitMap (MBM) file with a Paint Data Section that contains a malformed Encoding field.
CVE-2009-4001
- EPSS 12.14%
- Veröffentlicht 15.03.2010 13:28:25
- Zuletzt bearbeitet 11.04.2025 00:51:21
Integer overflow in XnView before 1.97.2 might allow remote attackers to execute arbitrary code via a DICOM image with crafted dimensions, leading to a heap-based buffer overflow.
CVE-2008-1461
- EPSS 5.13%
- Veröffentlicht 24.03.2008 18:44:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Buffer overflow in XnView 1.92.1 allows user-assisted remote attackers to execute arbitrary code via a long filename argument on the command line. NOTE: it is unclear whether there are common handler configurations in which this argument is controll...