Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File

Denial of Service Vulnerability in XnView Classic for Windows Version 2.40 via Crafted .rle File

CVE-2017-10782 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpFreeHeap+0x00000000000003ca."

Learn more about our Web Application Penetration Testing UK.