CVE-2011-1338

XnView <1.98.1 - Privilege Escalation

Title source: llm
STIX 2.1

Description

Untrusted search path vulnerability in XnView before 1.98.1 allows local users to gain privileges via a Trojan horse .exe file in a folder selected by the "Open containing folder" menu item.

References (6)

Core 6
Core References
Third Party Advisory third-party-advisory x_refsource_jvndb
http://jvndb.jvn.jp/jvndb/JVNDB-2011-000050
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/48562
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/73619
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/68369
Third Party Advisory third-party-advisory x_refsource_jvn
http://jvn.jp/en/jp/JVN17844633/index.html
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/45127

Scores

EPSS 0.0005
EPSS Percentile 17.0%

Details

Status published
Products (7)
xnview/xnview 1.74
xnview/xnview 1.80
xnview/xnview 1.80.1
xnview/xnview 1.80.2
xnview/xnview 1.80.3
xnview/xnview 1.82
xnview/xnview < 1.98
Published Jul 11, 2011
Tracked Since Feb 18, 2026