Xnview » Xnview : Security Vulnerabilities, CVEs,

Buffer Overflow vulnerability in XNView before 2.50, allows local attackers to execute arbitrary code via crafted GEM bitmap file.

Buffer Overflow vulnerability in XNView version 2.49.3, allows local attackers to execute arbitrary code via crafted TIFF file.

XnView Classic 2.49.1 allows a User Mode Write AV starting at Xwsq+0x0000000000001fc0.

XnView Classic 2.49.1 allows a User Mode Write AV starting at Xwsq+0x0000000000001e51.

XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x00000000003283eb.

XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000328384.

XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000327a07.

XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x000000000032e566.

XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000328165.

XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x00000000003273aa.

XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x000000000032e849.

XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000327464.

XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x000000000032e808.

XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000385474.

XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x000000000030ecfa.

XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x000000000026b739.

XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000384e2a.

XnView 2.45 allows remote attackers to cause a denial of service (User Mode Write AV starting at MSVCR120!memcpy+0x0000000000000074 and application crash) or possibly have unspecified other impact via a crafted RLE file.

XnView 2.45 allows remote attackers to cause a denial of service (User Mode Write AV starting at Qt5Core!QVariant::~QVariant+0x0000000000000014 and application crash) or possibly have unspecified other impact via a crafted RLE file.

XnView 2.45 allows remote attackers to cause a denial of service (Read Access Violation at the Instruction Pointer and application crash) or possibly have unspecified other impact via a crafted ICO file.

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at ntdll_77310000!LdrpResCompareResourceNames+0x0000000000000150."

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77310000!LdrpResCompareResourceNames+0x0000000000000087."

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77310000!LdrpResSearchResourceInsideDirectory+0x000000000000029e."

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADImage+0x00000000000048e7."

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADImage+0x0000000000002d83."