Denial of Service and Potential Remote Code Execution in XnView Classic for Windows Version 2.40 via Crafted .fpx File

Denial of Service and Potential Remote Code Execution in XnView Classic for Windows Version 2.40 via Crafted .fpx File

CVE-2017-9905 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

XnView Classic for Windows Version 2.40 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address controls Branch Selection starting at Xfpx!gffGetFormatInfo+0x00000000000228e8."

Learn more about our Web Application Penetration Testing UK.