| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| XnView Classic for Windows Version 2.40 allows user-assisted remote attackers to execute code via a crafted .mkv file that is mishandled during the opening of a directory in "Browser" mode, because of a "User Mode Write AV near NULL" in XnView.exe. |
| XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpFindLoadedDllByName+0x00000000000000a5." |
| XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at CADImage+0x0000000000288750." |
| XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at CADImage+0x00000000000034b0." |
| XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADImage+0x00000000000032eb." |
| XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a "Read Access Violation starting at jbig2dec+0x0000000000008fe4." |
| XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to a "User Mode Write AV starting at Xfpx+0x0000000000004efd." |
| XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to "Data from Faulting Address controls Code Flow starting at Xfpx+0x00000000000117ff." |
| XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Stack Buffer Overrun (/GS Exception) starting at ntdll_77df0000!RtlProcessFlsData+0x00000000000000b0." |
| XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpFindLoadedDllByHandle+0x0000000000000031." |
| XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at CADImage+0x0000000000285ce1." |
| XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x000000000c1b541c called from xnview+0x00000000003826ec." |
| XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Read Access Violation on Control Flow starting at COMCTL32!CToolTipsMgr::s_ToolTipsWndProc+0x0000000000000032." |
| XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV near NULL starting at ntdll_77df0000!RtlEnterCriticalSection+0x0000000000000012." |
| XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpRemoveUCRBlock+0x0000000000000046." |
| XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpAllocateHeap+0x0000000000000429." |
| Heap-based buffer overflow in the xjpegls.dll (aka JLS, JPEG-LS, or JPEG lossless) format plugin in XnView 1.99 and 1.99.1 allows remote attackers to execute arbitrary code via a crafted JLS image file. |
| Integer overflow in xnview.exe in XnView 2.13 allows remote attackers to execute arbitrary code via a large NUM_ELEMENTS field in an IFD_ENTRY structure in a JXR file, which triggers a heap-based buffer overflow. |
| Integer overflow in XnViewer (aka XnView) before 1.98.5 allows remote attackers to execute arbitrary code via a crafted file containing PSD record types, a different vulnerability than CVE-2012-0684. |
| Buffer overflow in XnView before 2.04 allows remote attackers to execute arbitrary code via a crafted PCT file. |
