Heap-based buffer overflow in xnview.exe in XnView prior to 2.03 allows remote malicious users to execute arbitrary code via a crafted RLE compressed layer in an XCF file.
xnview xnview