CVE-2011-1338

Untrusted search path vulnerability in XnView before 1.98.1 allows local users to gain privileges via a Trojan horse .exe file in a folder selected by the "Open containing folder" menu item.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
jpcertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
VendorProductVersion
xnviewxnview
𝑥
≤ 1.98
xnviewxnview
1.74
xnviewxnview
1.80
xnviewxnview
1.80.1
xnviewxnview
1.80.2
xnviewxnview
1.80.3
xnviewxnview
1.82
𝑥
= Vulnerable software versions
References
http://jvn.jp/en/jp/JVN17844633/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2011-000050
http://secunia.com/advisories/45127
http://www.osvdb.org/73619
http://www.securityfocus.com/bid/48562
https://exchange.xforce.ibmcloud.com/vulnerabilities/68369
http://jvn.jp/en/jp/JVN17844633/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2011-000050
http://secunia.com/advisories/45127
http://www.osvdb.org/73619
http://www.securityfocus.com/bid/48562
https://exchange.xforce.ibmcloud.com/vulnerabilities/68369