Vulnerabilities > Xnview > Xnview > 1.37
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-11 | CVE-2021-28835 | Classic Buffer Overflow vulnerability in Xnview Buffer Overflow vulnerability in XNView before 2.50, allows local attackers to execute arbitrary code via crafted GEM bitmap file. | 7.8 |
| 2020-01-02 | CVE-2013-3941 | Out-of-bounds Write vulnerability in Xnview Xjp2.dll in XnView before 2.13 allows remote attackers to execute arbitrary code via (1) the Csiz parameter in a SIZ marker, which triggers an incorrect memory allocation, or (2) the lqcd field in a QCD marker in a crafted JPEG2000 file, which leads to a heap-based buffer overflow. | 7.5 |
| 2020-01-02 | CVE-2013-3939 | Out-of-bounds Write vulnerability in Xnview xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB files, which allows remote attackers to execute arbitrary code via the RLE strip size field in a RGB file, which leads to an unexpected sign extension error and a heap-based buffer overflow. | 6.8 |
| 2020-01-02 | CVE-2013-3937 | Out-of-bounds Write vulnerability in Xnview Heap-based buffer overflow in xnview.exe in XnView before 2.13 allows remote attackers to execute arbitrary code via the biBitCount field in a BMP file. | 6.8 |
| 2020-01-02 | CVE-2013-3247 | Out-of-bounds Write vulnerability in Xnview Heap-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute arbitrary code via a crafted RLE compressed layer in an XCF file. | 6.8 |
| 2020-01-02 | CVE-2013-3246 | Out-of-bounds Write vulnerability in Xnview Stack-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute arbitrary code via a crafted image layer in an XCF file. | 6.8 |
| 2013-08-09 | CVE-2013-2577 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xnview Buffer overflow in XnView before 2.04 allows remote attackers to execute arbitrary code via a crafted PCT file. | 9.3 |
| 2012-07-17 | CVE-2012-0282 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xnview Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted ImageLeftPosition value in an ImageDescriptor structure in a GIF image. | 6.8 |
| 2012-07-17 | CVE-2012-0277 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xnview Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PCT image. | 6.8 |
| 2012-07-17 | CVE-2012-0276 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xnview Multiple heap-based buffer overflows in XnView before 1.99 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a (1) SGI32LogLum compressed TIFF image or (2) SGI32LogLum compressed TIFF image with the PhotometricInterpretation encoding set to LogL. | 6.8 |