CVE-2012-0684
XnView < 1.98.4 - Remote Code Execution via Crafted PSD File
Title source: manualDescription
Integer overflow in XnViewer (aka XnView) before 1.98.5 allows remote attackers to execute arbitrary code via a crafted file containing PSD record types, a different vulnerability than CVE-2012-0685.
References (1)
Core 1
Core References
Patch x_refsource_misc
http://technet.microsoft.com/en-us/security/msvr/msvr12-001
Scores
EPSS
0.0239
EPSS Percentile
85.2%
Details
CWE
CWE-189
Status
published
Products (46)
xnview/xnview
1.0 a
xnview/xnview
1.01
xnview/xnview
1.02
xnview/xnview
1.03
xnview/xnview
1.04
xnview/xnview
1.05 (3 CPE variants)
xnview/xnview
1.06
xnview/xnview
1.07
xnview/xnview
1.08
xnview/xnview
1.09
... and 36 more
Published
May 09, 2012
Tracked Since
Feb 18, 2026