This script is Copyright (C) 2011-2012 Tenable Network Security, Inc.
The remote Windows host contains an application that loads
executables in an insecure manner.
The version of XnView installed on the remote Windows host is earlier
than 1.98.1. As such, it reportedly uses unsafe methods for
determining how to load executables. Specifically, there is an issue
with the file search path, which could result in the insecure loading
of executables when using the 'Open containing folder' function.
An attacker may be able to exploit this to execute arbitrary code with
the privileges of the running application.
See also :
Upgrade to XnView version 1.98.1 or later as that reportedly resolves
Risk factor :
High / CVSS Base Score : 7.6
CVSS Temporal Score : 6.3
Public Exploit Available : true