Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.43 via Crafted .dwg File

Arbitrary Code Execution and Denial of Service Vulnerability in XnView Classic for Windows Version 2.43 via Crafted .dwg File

CVE-2017-15789 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADImage+0x00000000000048e7."

Learn more about our User Device Pen Test.