Switch branches/tags
Nothing to show
Find file History
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
..
Failed to load latest commit information.
README.md

README.md

[Suggested description] FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578dd8, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact.


[Vulnerability Type] Buffer Overflow


[Vendor of Product] FastStone


[Affected Product Code Base] FastStone Image Viewer - 6.5


[Affected Component] fsviewer.exe


[Attack Type] Local


[Impact Denial of Service] true


[Attack Vectors] the user must open a crafted jpg file


[Discoverer] Mostafa Soliman - SecureMisr


[Reference]

http://www.securemisr.net/

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11706