Hi Support,
Would like to confirm if CVE-2017-9900 only affects XnView Classic for Windows Version 2.40 and below? What is the fix version? Would like to confirm. I work for Rapid7 and support our IVM product. We are a vulnerability management security application and would like to confirm the ranges of this vulnerability. Our customer and engineering did try via email but either no response or response isn't clear. Any help would be great to improve our product and reduce the False Positives.
Thanks,
Does CVE-2017-9900 Affect only XnView Classic?
Moderators: XnTriq, helmut, xnview
-
- Posts: 4
- Joined: Mon Oct 21, 2024 1:34 pm
-
- Author of XnView
- Posts: 44943
- Joined: Mon Oct 13, 2003 7:31 am
- Location: France
Re: Does CVE-2017-9900 Affect only XnView Classic?
The detail of this CVE is no more available, so we can't answer
Pierre.
-
- Posts: 4
- Joined: Mon Oct 21, 2024 1:34 pm
Re: Does CVE-2017-9900 Affect only XnView Classic?
Not sure that I understand your response. What do you mean? If you look here:
https://nvd.nist.gov/vuln/detail/CVE-2017-9900
That is still public facing. Just need help verifying. Please!
https://nvd.nist.gov/vuln/detail/CVE-2017-9900
That is still public facing. Just need help verifying. Please!
-
- Author of XnView
- Posts: 44943
- Joined: Mon Oct 13, 2003 7:31 am
- Location: France
Re: Does CVE-2017-9900 Affect only XnView Classic?
the detail url is not available https://github.com/wlinzi/security_advi ... -2017-9900
I think that this CVE is fixed in latest version of XnView Classic
I think that this CVE is fixed in latest version of XnView Classic
Pierre.
-
- Posts: 4
- Joined: Mon Oct 21, 2024 1:34 pm
Re: Does CVE-2017-9900 Affect only XnView Classic?
Would that be the 2.51.7? Would like to get confirmation so we can update our checks.
-
- Author of XnView
- Posts: 44943
- Joined: Mon Oct 13, 2003 7:31 am
- Location: France
Re: Does CVE-2017-9900 Affect only XnView Classic?
yes all CVE from this authormarsianoz13 wrote: ↑Wed Oct 23, 2024 12:37 pm Would that be the 2.51.7? Would like to get confirmation so we can update our checks.
Pierre.
-
- Posts: 4
- Joined: Mon Oct 21, 2024 1:34 pm
Re: Does CVE-2017-9900 Affect only XnView Classic?
Hi Pierre,
We really need your help. Can you get confirmation which exact version of XnView Classic resolves this CVE-2017-9900. We want to adjust our checks. Without confirmation of the exact version, we aren't able to make changes. Can you check with your internal teams? If your confident that 2.51.7 resolves this, let me know.
Thanks,
We really need your help. Can you get confirmation which exact version of XnView Classic resolves this CVE-2017-9900. We want to adjust our checks. Without confirmation of the exact version, we aren't able to make changes. Can you check with your internal teams? If your confident that 2.51.7 resolves this, let me know.
Thanks,
-
- Author of XnView
- Posts: 44943
- Joined: Mon Oct 13, 2003 7:31 am
- Location: France
Re: Does CVE-2017-9900 Affect only XnView Classic?
I think that all CVE from this author has been fixed in 2.51.7, but details of CVE are no more available so not easy to confirm
Pierre.