CVE-2018-15174: Buffer Overflow
First published: Wed Aug 08 2018(Updated: )
XnView 2.45 allows remote attackers to cause a denial of service (Read Access Violation at the Instruction Pointer and application crash) or possibly have unspecified other impact via a crafted ICO file.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Xnview Xnview | =2.45 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for XnView 2.45?
The vulnerability ID for XnView 2.45 is CVE-2018-15174.
What is the impact of the vulnerability CVE-2018-15174?
The vulnerability CVE-2018-15174 can cause a denial of service (Read Access Violation at the Instruction Pointer and application crash) or possibly have unspecified other impact.
How can remote attackers exploit CVE-2018-15174?
Remote attackers can exploit CVE-2018-15174 by sending a crafted ICO file to the vulnerable XnView application.
Is there a fix available for the vulnerability CVE-2018-15174?
Yes, updating XnView to a version beyond 2.45 can fix the vulnerability CVE-2018-15174.
What is the Common Weakness Enumeration (CWE) ID for the vulnerability CVE-2018-15174?
The Common Weakness Enumeration (CWE) ID for the vulnerability CVE-2018-15174 is CWE-119.
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/type
- agent/tags
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/xnview
- canonical/xnview xnview
- version/xnview xnview/2.45