The host is installed with XnView 1.98.2 or earlier and is prone to integer overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted file containing PSD record types. Successful exploitation allows remote attackers to execute arbitrary code.