CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-10738
https://notcve.org/view.php?id=CVE-2017-10738
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Data Execution Prevention Violation starting at Unknown Symbol @ 0x000000002f32332f called from KERNELBASE!CompareStringW+0x0000000000000082." XnView Classic para Windows versión 2.40, permite a los atacantes ejecutar código arbitrario o causar una denegación de servicio por medio de un archivo .rle creado, relacionado a una "Data Execution Prevention Violation starting at Unknown Symbol @ 0x000000002f32332f called from KERNELBASE!CompareStringW+0x0000000000000082." • https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10738 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-10753
https://notcve.org/view.php?id=CVE-2017-10753
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpFindLoadedDllByMapping+0x0000000000000046." XnView Classic para Windows versión 2.40, podría permitir a los atacantes causar una denegación de servicio o posiblemente tener otro impacto no especificado por medio de un archivo .rle creado, relacionado a "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!LdrpFindLoadedDllByMapping+0x0000000000000046." • https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10753 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-10775
https://notcve.org/view.php?id=CVE-2017-10775
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to a "Read Access Violation starting at GDI32!ScriptGetCMapWithSurrogate+0x00000000000001cb." XnView Classic para Windows versión 2.40, podría permitir a los atacantes causar una denegación de servicio o posiblemente tener otro impacto no especificado por medio de un archivo .rle creado, relacionado a una "Read Access Violation starting at GDI32!ScriptGetCMapWithSurrogate+0x00000000000001cb". • https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10775 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-10756
https://notcve.org/view.php?id=CVE-2017-10756
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpRemoveUCRBlock+0x0000000000000046." XnView Classic para Windows versión 2.40, podría permitir a los atacantes causar una denegación de servicio o posiblemente tener otro impacto no especificado por medio de un archivo .rle creado, relacionado a "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpRemoveUCRBlock+0x0000000000000046." • https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10756 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-8381
https://notcve.org/view.php?id=CVE-2017-8381
XnView Classic for Windows Version 2.40 allows user-assisted remote attackers to execute code via a crafted .mkv file that is mishandled during the opening of a directory in "Browser" mode, because of a "User Mode Write AV near NULL" in XnView.exe. XnView Classic para Windows versión 2.40, permite que los atacantes remotos asistidos por el usuario ejecuten código por medio de un archivo .mkv especialmente diseñado que se maneja inapropiadamente durante la apertura de un directorio en el modo "Browser", debido a un "User Mode Write AV near NULL" en el archivo XnView.exe. • https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-8381 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •