Integer overflow in XnView before 1.97.2 might allow remote attackers to execute arbitrary code via a DICOM image with crafted dimensions, leading to a heap-based buffer overflow.
https://exchange.xforce.ibmcloud.com/vulnerabilities/56802
http://www.securityfocus.com/bid/38629
http://www.securityfocus.com/archive/1/509999/100/0/threaded