XnView < 1.98.5 Multiple Integer Overflow Vulnerabilities
High Nessus Plugin ID 59174
SynopsisThe remote Windows host contains an application with multiple integer overflow vulnerabilities.
DescriptionThe version of XnView installed on the remote Windows host is earlier than 1.98.5. As such, it is reportedly affected by multiple integer overflow vulnerabilities. These vulnerabilities are related to the processing of PSD (Adobe Photoshop) record types. An attacker could exploit these vulnerabilities by tricking a victim into opening a specially crafted file that could allow for arbitrary code to be executed in the context of the application.
SolutionUpgrade to XnView version 1.98.5 or later as that reportedly resolves the issue.