XnView File Search Path Executable File Injection Vulnerability (Windows) Network Vulnerability

Summary

This host has XnView installed and is prone to executable file injection vulnerability. Vulnerabilities Insight: The flaw is caused by an untrusted search path vulnerability when loading executables.

Impact

Successful exploitation will allow attackers to execute arbitrary code on the system with elevated privileges. Impact Level: System/Application

Solution

Update to XnView version 1.98.1 or later. For updates refer to http://www.xnview.com/

Affected

XnView versions prior to 1.98.1 on windows.

References

http://osvdb.org/73619
http://secunia.com/advisories/45127
http://xforce.iss.net/xforce/xfdb/68369

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-1338

CVSS	Base Score: 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Flash Player Unspecified Cross-Site Scripting Vulnerability June-2011 (Linux)
Arris DOCSIS Password Disclosure
Apple Mac OS X Denial of Service Vulnerability
Adobe Flash Media Server Video Stream Capture Security Issue
Apache Traffic Server Remote DNS Cache Poisoning Vulnerability

Take action and discover your vulnerabilities