Faststone
Products
3- 5 CVEs
- 1 CVE
- 1 CVE
Recent CVEs
7| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-8826 | Hig | 0.51 | 7.8 | 0.00 | Jul 5, 2017 | FastStone Image Viewer 6.2 has a "User Mode Write AV" issue, possibly related to the jpeg_mem_term function in jmemnobs.c in libjpeg. This issue can be triggered by a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact. | |
| CVE-2017-8785 | Hig | 0.51 | 7.8 | 0.00 | Jul 5, 2017 | FastStone Image Viewer 6.2 has a "Data from Faulting Address may be used as a return value" issue. This issue can be triggered by a malformed JPEG 2000 file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact. | |
| CVE-2017-6078 | Med | 0.36 | 5.5 | 0.00 | Feb 21, 2017 | FastStone MaxView 3.0 and 3.1 allows user-assisted attackers to cause a denial of service (application crash) via a malformed BMP image with a crafted biSize field in the BITMAPINFOHEADER section. | |
| CVE-2007-1942 | 0.04 | — | 0.10 | Apr 11, 2007 | Integer overflow in FastStone Image Viewer 2.9 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted BMP image, as demonstrated by wh3intof.bmp and wh4intof.bmp. | ||
| CVE-2005-0950 | 0.04 | — | 0.08 | Mar 29, 2005 | Directory traversal vulnerability in FastStone 4in1 Browser 1.2 allows remote attackers to read arbitrary files via a (1) ... (triple dot) or (2) ..\ (dot dot backslash) in the URL. | ||
| CVE-2008-5870 | 0.03 | — | 0.05 | Jan 8, 2009 | FastStone Image Viewer 3.6 allows user-assisted attackers to cause a denial of service (application crash) via a malformed BMP image with large width and height values, possibly a related issue to CVE-2007-1942. | ||
| CVE-2007-1764 | 0.00 | — | 0.04 | Mar 30, 2007 | Stack-based buffer overflow in FastStone Image Viewer 2.8 allows user-assisted remote attackers to execute arbitrary code via a crafted JPG image. |
- risk 0.51cvss 7.8epss 0.00
FastStone Image Viewer 6.2 has a "User Mode Write AV" issue, possibly related to the jpeg_mem_term function in jmemnobs.c in libjpeg. This issue can be triggered by a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact.
- risk 0.51cvss 7.8epss 0.00
FastStone Image Viewer 6.2 has a "Data from Faulting Address may be used as a return value" issue. This issue can be triggered by a malformed JPEG 2000 file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact.
- risk 0.36cvss 5.5epss 0.00
FastStone MaxView 3.0 and 3.1 allows user-assisted attackers to cause a denial of service (application crash) via a malformed BMP image with a crafted biSize field in the BITMAPINFOHEADER section.
- CVE-2007-1942Apr 11, 2007risk 0.04cvss —epss 0.10
Integer overflow in FastStone Image Viewer 2.9 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted BMP image, as demonstrated by wh3intof.bmp and wh4intof.bmp.
- CVE-2005-0950Mar 29, 2005risk 0.04cvss —epss 0.08
Directory traversal vulnerability in FastStone 4in1 Browser 1.2 allows remote attackers to read arbitrary files via a (1) ... (triple dot) or (2) ..\ (dot dot backslash) in the URL.
- CVE-2008-5870Jan 8, 2009risk 0.03cvss —epss 0.05
FastStone Image Viewer 3.6 allows user-assisted attackers to cause a denial of service (application crash) via a malformed BMP image with large width and height values, possibly a related issue to CVE-2007-1942.
- CVE-2007-1764Mar 30, 2007risk 0.00cvss —epss 0.04
Stack-based buffer overflow in FastStone Image Viewer 2.8 allows user-assisted remote attackers to execute arbitrary code via a crafted JPG image.