XnView < 1.98.1 Insecure Executable Loading

This script is Copyright (C) 2011-2012 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains an application that loads
executables in an insecure manner.

Description :

The version of XnView installed on the remote Windows host is earlier
than 1.98.1. As such, it reportedly uses unsafe methods for
determining how to load executables. Specifically, there is an issue
with the file search path, which could result in the insecure loading
of executables when using the 'Open containing folder' function.

An attacker may be able to exploit this to execute arbitrary code with
the privileges of the running application.

See also :

http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000050.html

Solution :

Upgrade to XnView version 1.98.1 or later as that reportedly resolves
the issue.

Risk factor :

High / CVSS Base Score : 7.6
(CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.3
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 55535

Bugtraq ID: 48562

CVE ID: CVE-2011-1338
