Stack-based buffer overflow in xnview.exe in XnView prior to 2.03 allows remote malicious users to execute arbitrary code via a crafted image layer in an XCF file.
xnview xnview