CVE-2019-9968

HIGH

XnView Classic <2.48 - DoS

Title source: llm

Description

XnView Classic 2.48 on Windows allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to ntdll!RtlQueueWorkItem.

References (1)

[Exploit, Third Party Advisory] https://code610.blogspot.com/2019/03/crashing-xnview-248.html

Scores

CVSS v3 7.8

EPSS 0.0028

EPSS Percentile 51.0%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Classification

CWE

CWE-119

Status published

Affected Products (1)

xnview/xnview_classic

Timeline

Published Mar 24, 2019

Tracked Since Feb 18, 2026