Skip to content
master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Security-Advisories/CVE-2018-11704/
Security-Advisories/CVE-2018-11704/

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 

[Suggested description] FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00402d7d, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact.


[Vulnerability Type] Buffer Overflow


[Vendor of Product] FastStone


[Affected Product Code Base] FastStone Image Viewer - 6.5


[Affected Component] fsviewer.exe


[Attack Type] Local


[Impact Denial of Service] true


[Attack Vectors] the user must open a crafted jpg file


[Discoverer] Mostafa Soliman - SecureMisr


[Reference]

http://www.securemisr.net/

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11704