CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-10772
https://notcve.org/view.php?id=CVE-2017-10772
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!memcmp+0x0000000000000018" (with RPC initialization). XnView Classic para Windows versión 2.40, podría permitir a los atacantes causar una denegación de servicio o posiblemente tener otro impacto no especificado por medio de un archivo .rle creado, relacionado a "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!memcmp+0x0000000000000018" (con inicialización RPC). • https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10772 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-10782
https://notcve.org/view.php?id=CVE-2017-10782
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpFreeHeap+0x00000000000003ca." XnView Classic para Windows versión 2.40, podría permitir a los atacantes causar una denegación de servicio o posiblemente tener otro impacto no especificado por medio de un archivo .rle creado, relacionado a "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpFreeHeap+0x00000000000003ca". • https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10782 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-8381
https://notcve.org/view.php?id=CVE-2017-8381
XnView Classic for Windows Version 2.40 allows user-assisted remote attackers to execute code via a crafted .mkv file that is mishandled during the opening of a directory in "Browser" mode, because of a "User Mode Write AV near NULL" in XnView.exe. XnView Classic para Windows versión 2.40, permite que los atacantes remotos asistidos por el usuario ejecuten código por medio de un archivo .mkv especialmente diseñado que se maneja inapropiadamente durante la apertura de un directorio en el modo "Browser", debido a un "User Mode Write AV near NULL" en el archivo XnView.exe. • https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-8381 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9894
https://notcve.org/view.php?id=CVE-2017-9894
XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to a "User Mode Write AV starting at Xfpx!gffGetFormatInfo+0x0000000000029272." XnView Classic para Windows en su versión 2.40 permite a atacantes remotos ejecutar código mediante un archivo .fpx manipulado, relacionado a "User Mode Write AV comenzado en Xfpx!gffGetFormatInfo+0x0000000000029272." • https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9894 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9900
https://notcve.org/view.php?id=CVE-2017-9900
XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to "Data from Faulting Address controls Code Flow starting at Xfpx!gffGetFormatInfo+0x000000000002e385." XnView Classic para Windows en su versión 2.40 permite a atacantes remotos ejecutar código mediante un archivo .fpx manipulado, relacionado a "Data from Faulting Address controls Code Flow comenzado en Xfpx!gffGetFormatInfo+0x000000000002e385." • https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9900 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •