CVE-2017-9894
https://notcve.org/view.php?id=CVE-2017-9894
XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to a "User Mode Write AV starting at Xfpx!gffGetFormatInfo+0x0000000000029272." XnView Classic para Windows en su versión 2.40 permite a atacantes remotos ejecutar código mediante un archivo .fpx manipulado, relacionado a "User Mode Write AV comenzado en Xfpx!gffGetFormatInfo+0x0000000000029272." • https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9894 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-10748
https://notcve.org/view.php?id=CVE-2017-10748
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at xnview+0x000000000022bf8d." XnView Classic para Windows versión 2.40, permite a los atacantes ejecutar código arbitrario o causar una denegación de servicio por medio de un archivo .rle creado, relacionado a un "User Mode Write AV starting at xnview+0x000000000022bf8d." • https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10748 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-10768
https://notcve.org/view.php?id=CVE-2017-10768
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpInsertFreeBlock+0x00000000000001ca." XnView Classic para Windows versión 2.40, podría permitir a los atacantes causar una denegación de servicio o posiblemente tener otro impacto no especificado por medio de un archivo .rle creado, relacionado a "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpInsertFreeBlock+0x00000000000001ca". • https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10768 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •