source: https://www.securityfocus.com/bid/40852/info

XnView is prone to a remote heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input.

Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

Versions prior to XnView 1.97.5 are vulnerable.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/34143.rar