Skip to content

CVE-2013-3938

Integer overflow in xnview.exe in XnView 2.13 allows remote attackers to execute arbitrary code via a large NUM_ELEMENTS field in an IFD_ENTRY structure in a JXR file, which triggers a heap-based buffer overflow.

View on NVD

Severity

N/A

EPSS

Probability of exploitation (next 30 days): 0.1220 (12.2%)
Percentile: 93.9%
EPSS: 2026-05-06

Affects

xnview:xnview

Technical description

Integer overflow in xnview.exe in XnView 2.13 allows remote attackers to execute arbitrary code via a large NUM_ELEMENTS field in an IFD_ENTRY structure in a JXR file, which triggers a heap-based buffer overflow.

Published: 3/18/2014, 5:02:52 PM
Last modified: 5/6/2026, 10:30:45 PM

References

HomeEventsBlogResourcesTeam