Vulnerabilities > Xnview
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-07-17 | CVE-2012-0282 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xnview Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted ImageLeftPosition value in an ImageDescriptor structure in a GIF image. | 6.8 |
| 2012-07-17 | CVE-2012-0277 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xnview Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PCT image. | 6.8 |
| 2012-07-17 | CVE-2012-0276 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xnview Multiple heap-based buffer overflows in XnView before 1.99 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a (1) SGI32LogLum compressed TIFF image or (2) SGI32LogLum compressed TIFF image with the PhotometricInterpretation encoding set to LogL. | 6.8 |
| 2012-05-09 | CVE-2012-0685 | Numeric Errors vulnerability in Xnview Integer overflow in XnViewer (aka XnView) before 1.98.5 allows remote attackers to execute arbitrary code via a crafted file containing PSD record types, a different vulnerability than CVE-2012-0684. | 9.3 |
| 2012-05-09 | CVE-2012-0684 | Numeric Errors vulnerability in Xnview Integer overflow in XnViewer (aka XnView) before 1.98.5 allows remote attackers to execute arbitrary code via a crafted file containing PSD record types, a different vulnerability than CVE-2012-0685. | 9.3 |
| 2012-02-13 | CVE-2012-1051 | Buffer Errors vulnerability in Xnview 1.98.5 Heap-based buffer overflow in Xjp2.dll in the JPEG2000 plug-in in XnView 1.98.5 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment. | 6.8 |
| 2011-07-11 | CVE-2011-1338 | DLL Loading Arbitrary Code Execution vulnerability in XnView Untrusted search path vulnerability in XnView before 1.98.1 allows local users to gain privileges via a Trojan horse .exe file in a folder selected by the "Open containing folder" menu item. local xnview | 6.9 |
| 2010-06-16 | CVE-2010-1932 | Buffer Errors vulnerability in Xnview 1.97.4 Heap-based buffer overflow in XnView 1.97.4 and possibly earlier allows remote attackers to execute arbitrary code via a MultiBitMap (MBM) file with a Paint Data Section that contains a malformed Encoding field. | 9.3 |
| 2010-03-15 | CVE-2009-4001 | Numeric Errors vulnerability in Xnview Integer overflow in XnView before 1.97.2 might allow remote attackers to execute arbitrary code via a DICOM image with crafted dimensions, leading to a heap-based buffer overflow. | 9.3 |
| 2008-03-24 | CVE-2008-1461 | Buffer Errors vulnerability in Xnview 1.92.1 Buffer overflow in XnView 1.92.1 allows user-assisted remote attackers to execute arbitrary code via a long filename argument on the command line. | 7.6 |