Image Viewer Security Vulnerabilities

CVE-2024-2122

The Best WordPress Gallery Plugin – FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via album gallery custom URLs in all versions up to, and including, 2.4.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

CVSS 6.4 | AI Score 5.7 | EPSS 0.0004 | 2024-06-14 06:15 AM

CVE-2022-36947

Unsafe Parsing of a PNG tRNS chunk in FastStone Image Viewer through 7.5 results in a stack buffer...

CVSS 9.8 | AI Score 9.5 | EPSS 0.002 | 2022-08-18 09:15 PM

CVE-2022-0423

The 3D FlipBook WordPress plugin before 1.12.1 does not have authorisation and CSRF checks when updating its settings, and does not have any sanitisation/escaping, allowing any authenticated users, such as subscriber to put Cross-Site Scripting payloads in all pages with a 3d...

CVSS 5.4 | AI Score 5.2 | EPSS 0.001 | 2022-03-21 07:15 PM

CVE-2021-26235

FastStone Image Viewer <= 7.5 is affected by a user mode write access violation near NULL at 0x005bdfc9, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code...

CVSS 7.8 | AI Score 8 | EPSS 0.001 | 2021-03-18 02:15 PM

CVE-2021-26237

FastStone Image Viewer <= 7.5 is affected by a user mode write access violation at 0x00402d7d, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code...

CVSS 7.8 | AI Score 8 | EPSS 0.001 | 2021-03-18 02:15 PM

CVE-2021-26233

FastStone Image Viewer <= 7.5 is affected by a user mode write access violation near NULL at 0x005bdfcb, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code...

CVSS 7.8 | AI Score 8 | EPSS 0.001 | 2021-03-18 02:15 PM

CVE-2021-26234

FastStone Image Viewer <= 7.5 is affected by a user mode write access violation at 0x00402d8a, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code...

CVSS 7.8 | AI Score 8 | EPSS 0.001 | 2021-03-18 02:15 PM

CVE-2021-26236

FastStone Image Viewer v.<= 7.5 is affected by a Stack-based Buffer Overflow at 0x005BDF49, affecting the CUR file parsing functionality (BITMAPINFOHEADER Structure, 'BitCount' file format field), that will end up corrupting the Structure Exception Handler (SEH). Attackers could exploit this iss...

CVSS 7.8 | AI Score 7.9 | EPSS 0.005 | 2021-03-18 01:15 PM

CVE-2020-35843

FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at...

CVSS 5.5 | AI Score 5.6 | EPSS 0.001 | 2021-01-26 06:15 PM

CVE-2020-35844

FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at...

CVSS 7.8 | AI Score 7.7 | EPSS 0.001 | 2021-01-26 06:15 PM

CVE-2020-35845

FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at...

CVSS 7.8 | AI Score 7.7 | EPSS 0.001 | 2021-01-26 06:15 PM

CVE-2019-13246

FastStone Image Viewer 7.0 has a User Mode Write AV starting at...

CVSS 7.8 | AI Score 7.6 | EPSS 0.001 | 2019-07-04 04:15 PM

CVE-2019-13245

FastStone Image Viewer 7.0 has a User Mode Write AV starting at...

CVSS 7.8 | AI Score 7.6 | EPSS 0.001 | 2019-07-04 04:15 PM

CVE-2019-13244

FastStone Image Viewer 7.0 has a User Mode Write AV starting at...

CVSS 7.8 | AI Score 7.6 | EPSS 0.001 | 2019-07-04 04:15 PM

CVE-2018-15815

FastStone Image Viewer 6.5 has an Exception Handler Chain Corrupted issue starting at image00400000+0x00000000003ef68a via a crafted image...

CVSS 5.5 | AI Score 5.5 | EPSS 0.001 | 2019-03-26 08:29 PM

CVE-2018-15813

FastStone Image Viewer 6.5 has a User Mode Write AV starting at image00400000+0x00000000000e1237 via a crafted image...

CVSS 5.5 | AI Score 5.5 | EPSS 0.001 | 2019-03-26 08:29 PM

CVE-2018-15814

FastStone Image Viewer 6.5 has a User Mode Write AV starting at image00400000+0x00000000001cb509 via a crafted image...

CVSS 5.5 | AI Score 5.5 | EPSS 0.001 | 2019-03-26 08:29 PM

CVE-2018-15816

FastStone Image Viewer 6.5 has a Read Access Violation on Block Data Move starting at image00400000+0x0000000000002d7d via a crafted image...

CVSS 5.5 | AI Score 5.5 | EPSS 0.001 | 2019-03-26 08:29 PM

CVE-2018-15817

FastStone Image Viewer 6.5 has a Read Access Violation on Block Data Move starting at image00400000+0x0000000000002d63 via a crafted image...

CVSS 5.5 | AI Score 5.5 | EPSS 0.001 | 2019-03-26 08:29 PM

CVE-2018-11705

FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578cc4, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other...

CVSS 7.8 | AI Score 7.9 | EPSS 0.001 | 2018-06-20 01:29 AM

CVE-2018-11707

FastStone Image Viewer 6.2 has a User Mode Read and Execute AV at 0x0057898e, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other...

CVSS 7.8 | AI Score 7.9 | EPSS 0.001 | 2018-06-20 01:29 AM

CVE-2018-11701

FastStone Image Viewer 6.2 has a User Mode Write AV at 0x005cb509, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other...

CVSS 7.8 | AI Score 7.9 | EPSS 0.001 | 2018-06-20 01:29 AM

CVE-2018-11704

FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00402d7d, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other...

CVSS 7.8 | AI Score 7.9 | EPSS 0.001 | 2018-06-20 01:29 AM

CVE-2018-11702

FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578cb3, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other...

CVSS 7.8 | AI Score 7.9 | EPSS 0.001 | 2018-06-20 01:29 AM

CVE-2018-11706

FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578dd8, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other...

CVSS 7.8 | AI Score 7.9 | EPSS 0.001 | 2018-06-20 01:29 AM

CVE-2018-11703

FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00402d6a, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other...

CVSS 7.8 | AI Score 7.9 | EPSS 0.001 | 2018-06-20 01:29 AM

CVE-2017-8826

FastStone Image Viewer 6.2 has a "User Mode Write AV" issue, possibly related to the jpeg_mem_term function in jmemnobs.c in libjpeg. This issue can be triggered by a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly...

CVSS 7.8 | AI Score 7.8 | EPSS 0.001 | 2017-07-05 08:29 PM

CVE-2017-8785

FastStone Image Viewer 6.2 has a "Data from Faulting Address may be used as a return value" issue. This issue can be triggered by a malformed JPEG 2000 file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other...

CVSS 7.8 | AI Score 7.8 | EPSS 0.001 | 2017-07-05 08:29 PM

CVE-2010-5194

Stack-based buffer overflow in the Image2PDF function in the SCRIBBLE.ScribbleCtrl.1 ActiveX control (ImageViewer2.ocx) in Viscom Image Viewer CP Pro 8.0, Gold 5.5, Gold 6.0, and earlier allows remote attackers to execute arbitrary code via a long strPDFFile...

AI Score 8.3 | EPSS 0.167 | 2012-08-31 09:55 PM

CVE-2010-5193

Stack-based buffer overflow in the TIFMergeMultiFiles function in the SCRIBBLE.ScribbleCtrl.1 ActiveX control (ImageViewer2.ocx) in Viscom Image Viewer CP Pro 8.0 and Gold 6.0 allows remote attackers to execute arbitrary code via a long strDelimit...

AI Score 8.3 | EPSS 0.944 | 2012-08-31 09:55 PM

CVE-2008-5870

FastStone Image Viewer 3.6 allows user-assisted attackers to cause a denial of service (application crash) via a malformed BMP image with large width and height values, possibly a related issue to...

AI Score 6.6 | EPSS 0.005 | 2009-01-08 06:30 PM

CVE-2008-3012

gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006,.....

AI Score 7.7 | EPSS 0.748 | 2008-09-11 01:11 AM

CVE-2008-3013

gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006,.....

AI Score 7.7 | EPSS 0.799 | 2008-09-11 01:11 AM

CVE-2008-3014

Buffer overflow in gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital....

AI Score 7.8 | EPSS 0.641 | 2008-09-11 01:11 AM

CVE-2008-3015

Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and....

AI Score 8 | EPSS 0.51 | 2008-09-11 01:11 AM

CVE-2007-5348

Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite...

AI Score 8 | EPSS 0.772 | 2008-09-11 01:01 AM

CVE-2007-2217

Kodak Image Viewer in Microsoft Windows 2000 SP4, and in some cases XP SP2 and Server 2003 SP1 and SP2, allows remote attackers to execute arbitrary code via crafted image files that trigger memory corruption, as demonstrated by a certain .tif (TIFF)...

AI Score 7.2 | EPSS 0.963 | 2007-10-09 10:17 PM

CVE-2007-1942

Integer overflow in FastStone Image Viewer 2.9 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted BMP image, as demonstrated by wh3intof.bmp and...

AI Score 7.5 | EPSS 0.005 | 2007-04-11 01:19 AM

CVE-2007-1764

Stack-based buffer overflow in FastStone Image Viewer 2.8 allows user-assisted remote attackers to execute arbitrary code via a crafted JPG...

AI Score 8 | EPSS 0.013 | 2007-03-30 12:19 AM

CVE-2004-1095

Multiple integer overflows in (1) readbmp.c, (2) readgif.c, (3) readgif.c, (4) readmrf.c, (5) readpcx.c, (6) readpng.c, (7) readpnm.c, (8) readprf.c, (9) readtiff.c, (10) readxbm.c, (11) readxpm.c in zgv 5.8 allow remote attackers to execute arbitrary code via certain image headers that cause...

AI Score 7.5 | EPSS 0.12 | 2005-01-10 05:00 AM

CVE-2004-0994

Multiple integer overflows in xzgv 0.8 and earlier allow remote attackers to execute arbitrary code via images with large width and height values, which trigger a heap-based buffer overflow, as demonstrated in the read_prf_file function in readprf.c. NOTE: CVE-2004-0994 and CVE-2004-1095 identify.....

AI Score 7.5 | EPSS 0.12 | 2005-01-10 05:00 AM

CVE-2004-0999

zgv 5.5.3 allows remote attackers to cause a denial of service (application crash via segmentation fault) via crafted multiple-image (animated) GIF...

AI Score 6.4 | EPSS 0.006 | 2004-12-31 05:00 AM