This vulnerability allows remote attackers to execute arbitrary code on affected installations of XnSoft XnView Classic. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-11950.
More Stories
USN-7172-1: libvpx vulnerability
It was discovered that libvpx did not properly handle certain malformed media files. If an application using libvpx opened a...
USN-7176-1: GStreamer Good Plugins vulnerabilities
Antonio Morales discovered that GStreamer Good Plugins incorrectly handled certain malformed media files. An attacker could use these issues to...
USN-7175-1: GStreamer Base Plugins vulnerabilities
Antonio Morales discovered that GStreamer Base Plugins incorrectly handled certain malformed media files. An attacker could use these issues to...
USN-7174-1: GStreamer vulnerability
Antonio Morales discovered that GStreamer incorrectly handled allocating memory for certain buffers. An attacker could use this issue to cause...
USN-7171-1: PHPUnit vulnerability
It was discovered that PHPUnit incorrectly handled web requests if exposed to the internet. An attacker could possibly use this...
USN-7168-1: EditorConfig vulnerabilities
It was discovered that EditorConfig improperly managed memory when handling certain inputs, leading to overflows. An attacker could possibly use...