CVE-2017-15785

Name of the Vulnerable Software and Affected Versions XnView Classic for Windows version 2.43

Description The issue allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file. This is related to a "Data Execution Prevention Violation near NULL" error, which occurs when processing a specific CAD image.

Recommendations For XnView Classic for Windows version 2.43, consider avoiding the use of .dwg files from untrusted sources until a fix is available. As a temporary workaround, restrict the opening of .dwg files in XnView Classic for Windows to minimize the risk of exploitation.