RSS   Vulnerabilities for 'Image viewer'   RSS

2021-03-18
 
CVE-2021-26237

CWE-787
 

 
FastStone Image Viewer <= 7.5 is affected by a user mode write access violation at 0x00402d7d, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.

 
 
CVE-2021-26235

CWE-476
 

 
FastStone Image Viewer <= 7.5 is affected by a user mode write access violation near NULL at 0x005bdfc9, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.

 
 
CVE-2021-26234

CWE-787
 

 
FastStone Image Viewer <= 7.5 is affected by a user mode write access violation at 0x00402d8a, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.

 
 
CVE-2021-26233

CWE-787
 

 
FastStone Image Viewer <= 7.5 is affected by a user mode write access violation near NULL at 0x005bdfcb, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.

 
 
CVE-2021-26236

CWE-787
 

 
FastStone Image Viewer v.<= 7.5 is affected by a Stack-based Buffer Overflow at 0x005BDF49, affecting the CUR file parsing functionality (BITMAPINFOHEADER Structure, 'BitCount' file format field), that will end up corrupting the Structure Exception Handler (SEH). Attackers could exploit this issue to achieve code execution when a user opens or views a malformed/specially crafted CUR file.

 
2021-01-26
 
CVE-2020-35845

CWE-787
 

 
FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0x96cf.

 
 
CVE-2020-35844

CWE-787
 

 
FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0xbe9c4.

 
 
CVE-2020-35843

CWE-787
 

 
FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0x956e.

 
2019-07-04
 
CVE-2019-13246

CWE-119
 

 
FastStone Image Viewer 7.0 has a User Mode Write AV starting at image00400000+0x00000000001a9601.

 
 
CVE-2019-13245

CWE-119
 

 
FastStone Image Viewer 7.0 has a User Mode Write AV starting at image00400000+0x00000000001a95b1.

 


Copyright 2022, cxsecurity.com

 

Back to Top