CVE-2019-9964

Name of the Vulnerable Software and Affected Versions XnView MP version 0.93.1

Description The issue allows remote attackers to cause a denial of service, potentially leading to an application crash, or possibly have other unspecified impacts via a crafted file. This is related to the ntdll!RtlpNtMakeTemporaryKey function.

Recommendations For XnView MP version 0.93.1, consider avoiding the use of crafted files that may trigger this issue until a patch or fix is available. As a temporary workaround, users may want to restrict the opening of files from untrusted sources to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.