Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1338

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2011-1338
Last Modified 12 Jul 2011 12:00:00
Published 11 Jul 2011 04:55:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1338

Summary

Untrusted search path vulnerability in XnView before 1.98.1 allows local users to gain privileges via a Trojan horse .exe file in a folder selected by the "Open containing folder" menu item.

Vulnerable Systems

Application

  • Xnview 1.74

  • Xnview 1.80

  • Xnview 1.80.1

  • Xnview 1.80.2

  • Xnview 1.80.3

  • Xnview 1.82

  • Xnview 1.98


References

XF - xnview-library-code-execution(68369)

BID - 48562

OSVDB - 73619

SECUNIA - 45127

JVNDB - JVNDB-2011-000050

JVN - JVN#17844633


Last Updated: 27 May 2016 10:56:18