CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-8781
https://notcve.org/view.php?id=CVE-2017-8781
XnView Classic for Windows Version 2.40 allows user-assisted remote attackers to execute code via a crafted JPEG 2000 file that is mishandled during the opening of a directory in "Browser" mode, because of a "Stack Buffer Overrun" issue. XnView Classic para Windows versión 2.40, permite a atacantes remotos asistidos por el usuario ejecutar código por medio de un archivo JPEG 2000 especialmente diseñado que se maneja inapropiadamente durante la apertura de un directorio en el modo "Browser", debido a un problema de "Stack Buffer Overrun". • https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-8781 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9529
https://notcve.org/view.php?id=CVE-2017-9529
XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to a "User Mode Write AV starting at Xfpx+0x0000000000004efd." XnView Classic para Windows versión 2.40, permite a atacantes remotos ejecutar código por medio de un archivo .fpx especialmente diseñado, relacionado a un "User Mode Write AV starting at Xfpx+0x0000000000004efd." • https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9529 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-10739
https://notcve.org/view.php?id=CVE-2017-10739
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x000000000c1b541c called from xnview+0x00000000003826ec." XnView Classic para Windows versión 2.40, permite a los atacantes ejecutar código arbitrario o causar una denegación de servicio por medio de un archivo .rle creado, relacionado a una "Data Execution Prevention Violation starting at Unknown Symbol @ 0x000000000c1b541c called from xnview+0x00000000003826ec." • https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10739 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9897
https://notcve.org/view.php?id=CVE-2017-9897
XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to a "User Mode Write AV starting at Xfpx+0x000000000000dcab." XnView Classic para Windows en su versión 2.40 permite a atacantes remotos ejecutar código mediante un archivo .fpx manipulado, relacionado a "User Mode Write AV comenzado en Xfpx+0x000000000000dcab." • https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9897 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-10743
https://notcve.org/view.php?id=CVE-2017-10743
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Stack Buffer Overrun (/GS Exception) starting at ntdll_77df0000!LdrpInitializeNode+0x000000000000015b." XnView Classic para Windows versión 2.40, permite a los atacantes ejecutar código arbitrario o causar una denegación de servicio por medio de un archivo .rle creado, relacionado a "Stack Buffer Overrun (/GS Exception) starting at ntdll_77df0000!LdrpInitializeNode+0x000000000000015b." • https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10743 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •