Buffer overflow in XnView 1.92.1 allows user-assisted remote attackers to execute arbitrary code via a long filename argument on the command line. NOTE: it is unclear whether there are common handler configurations in which this argument is controlled by an attacker.
https://exchange.xforce.ibmcloud.com/vulnerabilities/41245
http://www.securityfocus.com/archive/1/489658/100/0/threaded