Denial of Service and Potential Code Execution Vulnerability in XnView Classic for Windows Version 2.43

Denial of Service and Potential Code Execution Vulnerability in XnView Classic for Windows Version 2.43

CVE-2017-15802 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at ntdll_77310000!LdrpResCompareResourceNames+0x0000000000000087."

Learn more about our Web Application Penetration Testing UK.