CVE-2023-52173

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-52173
XnView Classic before 2.51.3 on Windows has a Write Access Violation at xnview.exe+0x3ADBD0.

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://github.com/seyit-sigirci/Vulnerability-Disclosures/blob/main/XNView-Crash-Reports/BOF%5B0x54D%5D%2B3%7B%2B0~3%23460c%7D%20469.15d%20%40%20xnview.exe%2B0x3ADBD0.html Product
https://newsgroup.xnview.com/viewtopic.php?f=35&t=46016 Release Notes
Configurations

Configuration 1 (hide)

cpe:2.3:a:xnview:xnview_classic:*:*:*:*:*:*:*:*
History

04 Jan 2024, 23:34

Type Values Removed Values Added
References () https://github.com/seyit-sigirci/Vulnerability-Disclosures/blob/main/XNView-Crash-Reports/BOF%5B0x54D%5D%2B3%7B%2B0~3%23460c%7D%20469.15d%20%40%20xnview.exe%2B0x3ADBD0.html - () https://github.com/seyit-sigirci/Vulnerability-Disclosures/blob/main/XNView-Crash-Reports/BOF%5B0x54D%5D%2B3%7B%2B0~3%23460c%7D%20469.15d%20%40%20xnview.exe%2B0x3ADBD0.html - Product
References () https://newsgroup.xnview.com/viewtopic.php?f=35&t=46016 - () https://newsgroup.xnview.com/viewtopic.php?f=35&t=46016 - Release Notes
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 9.8
Summary (es) XnView Classic anterior a 2.51.3 en Windows tiene Write Access Violation en xnview.exe+0x3ADBD0. (es) XnView Classic anterior a 2.51.3 en Windows tiene una violación de acceso de escritura en xnview.exe+0x3ADBD0.
CWE CWE-787
CPE cpe:2.3:a:xnview:xnview_classic:*:*:*:*:*:*:*:*
First Time Xnview
Xnview xnview Classic

29 Dec 2023, 13:56

Type Values Removed Values Added
Summary
  • (es) XnView Classic anterior a 2.51.3 en Windows tiene Write Access Violation en xnview.exe+0x3ADBD0.

29 Dec 2023, 04:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-12-29 04:15

Updated : 2024-01-04 23:34

NVD link : CVE-2023-52173

Mitre link : CVE-2023-52173

CVE.ORG link : CVE-2023-52173

JSON object : View

Products Affected

xnview

  • xnview_classic
CWE
CWE-787

Out-of-bounds Write