Design/Logic Flaw

FastStone Image Viewer 6.2 has a "User Mode Write AV" issue, possibly related to the jpegmemterm function in jmemnobs.c in libjpeg. This issue can be triggered by a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS Access Violation or possibly...

Code injection

FastStone Image Viewer 6.2 has a "Data from Faulting Address may be used as a return value" issue. This issue can be triggered by a malformed JPEG 2000 file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS Access Violation or possibly unspecified other impact...

CVE-2017-8826

FastStone Image Viewer 6.2 has a "User Mode Write AV" issue, possibly related to the jpegmemterm function in jmemnobs.c in libjpeg. This issue can be triggered by a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS Access Violation or possibly...

CVE-2017-8785

FastStone Image Viewer 6.2 has a "Data from Faulting Address may be used as a return value" issue. This issue can be triggered by a malformed JPEG 2000 file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS Access Violation or possibly unspecified other impact...

CVE-2017-8826

FastStone Image Viewer 6.2 is affected by a vulnerability described as a “User Mode Write AV” that can be triggered by processing a malformed JPEG file. The issue is linked to the jpeg_mem_term function in jmemnobs.c of libjpeg and can be exploited by a malformed JPEG that causes an access violat...

CVE-2017-8785

FastStone Image Viewer 6.2 is affected by a vulnerability in FSViewer.exe triggered by malformed JPEG 2000 files, described as “Data from Faulting Address may be used as a return value.” The issue could allow a DoS (Access Violation) and potentially other impact. The available documents confirm t...

FastStone MaxView Denial of Service Vulnerability

FastStone MaxView is an image viewer. A denial of service vulnerability exists in FastStone MaxView versions 3.0 and 3.1. An attacker can exploit the vulnerability to cause a denial of service application crash via a misformatted BMP image with a crafted biSize field in the BITMAPINFOHEADER secti...

Design/Logic Flaw

FastStone MaxView 3.0 and 3.1 allows user-assisted attackers to cause a denial of service application crash via a malformed BMP image with a crafted biSize field in the BITMAPINFOHEADER section...

CVE-2017-6078

FastStone MaxView 3.0 and 3.1 allows user-assisted attackers to cause a denial of service application crash via a malformed BMP image with a crafted biSize field in the BITMAPINFOHEADER section...

CVE-2017-6078

FastStone MaxView 3.0 and 3.1 allows user-assisted attackers to cause a denial of service application crash via a malformed BMP image with a crafted biSize field in the BITMAPINFOHEADER section...

CVE-2017-6078

CVE-2017-6078 affects FastStone MaxView 3.0 and 3.1. The vulnerability arises from processing a BMP image with a crafted biSize field in the BITMAPINFOHEADER, leading to a denial of service (application crash). Exploitation requires user involvement (user-assisted). The issue is documented across...

CVE-2017-6078

FastStone MaxView 3.0 and 3.1 allows user-assisted attackers to cause a denial of service application crash via a malformed BMP image with a crafted biSize field in the BITMAPINFOHEADER section...

FastStone MaxView 2.8 Stack Overflow

Title : FastStone MaxView 2.8 .jpg local Stack Overflow PoC Program : FastStone MaxView Author : Dr.3v1l Date : 2015 01 July Website : http://www.faststone.org Download : http://www.faststonesoft.net/DN/FSMaxViewSetup28.exe Version : 2.8 Type : .jpg File local Stack Overflow PoC 01. Vulnerability...

FastStone Image Viewer 4.6 - ReadAVonIP Crash PoC

No description provided by source. !/usr/bin/perl FastStone Image Viewer 4.6 = ReadAVonIP Arbitrary Code Execution Author: Jean Pascal Pereira [email protected] Vendor URI: http://www.faststone.org Vendor Description: An image browser, converter and editor that supports all major graphic formats...

FastStone Image Viewer 2.9/3.6 BMP Image Handling Memory Corruption

No description provided by source. source: http://www.securityfocus.com/bid/23312/info FastStone Image Viewer is prone to multiple denial-of-service vulnerabilities because the application fails to properly handle malformed BMP image files. Successfully exploiting these issues allows attackers to...

FastStone 4in1 Browser 1.2 Web Server Remote Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12937/info A vulnerability has been identified in the handling of certain types of requests by the 4in1 Browser Web server. Because of this, it is possible for an attacker to gain access to potentially sensitive system...

FastStone Image Viewer 4.6 - ReadAVonIP Crash (PoC)

!/usr/bin/perl FastStone Image Viewer 4.6 Vendor URI: http://www.faststone.org Vendor Description: An image browser, converter and editor that supports all major graphic formats including BMP, JPEG, JPEG 2000, GIF, PNG, PCX, TIFF, WMF, ICO, TGA and camera raw files. It has a nice array of feature...

FastStone Image Viewer 4.6 - ReadAVonIP Crash (PoC)

FastStone Image Viewer 4.6 - ReadAVonIP Crash PoC !/usr/bin/perl FastStone Image Viewer 4.6 Vendor URI: http://www.faststone.org Vendor Description: An image browser, converter and editor that supports all major graphic formats including BMP, JPEG, JPEG 2000, GIF, PNG, PCX, TIFF, WMF, ICO, TGA an...

FastStone Image Viewer 4.6 Arbitrary Code Execution

...

FastStone Image Viewer 4.6 <= ReadAVonIP Arbitrary Code Execution

Exploit for windows platform in category local exploits !/usr/bin/perl FastStone Image Viewer 4.6 Vendor URI: http://www.faststone.org Vendor Description: An image browser, converter and editor that supports all major graphic formats including BMP, JPEG, JPEG 2000, GIF, PNG, PCX, TIFF, WMF, ICO,...