68 matches found
CVE-2017-14557
STDU Viewer 1.6.375 contains a buffer overflow vulnerability when processing a specially crafted .djvu file, allowing a local attacker to execute arbitrary code or cause a denial of service. This is documented in CNVD-2017-30314 and corroborated by CVE-2017-14557 records. Impact is described as a...
CVE-2017-14299
The CVE-2017-14299 entry concerns STDU Viewer 1.6.375. Affected component: the STDUJBIG2File handling (via a crafted .jb2 file). Root cause/trigger: Data from Faulting Address controls subsequent Write Address inside STDUJBIG2File!DllGetClassObject+0x384b, leading to arbitrary code execution or a...
CVE-2017-14556
STDU Viewer 1.6.375 contains a buffer overflow vulnerability in the handling of .djvu files (STDU Viewer Buffer Overflow). The issue arises from a flaw in processing a crafted .djvu file, enabling a local attacker to execute arbitrary code or cause a denial of service. Connected sources (CNVD-201...
CVE-2017-14542
STDU Viewer 1.6.375 contains a buffer overflow vulnerability (per CNVD-2017-30441) that a local attacker can exploit by processing a specially crafted .epub file, potentially leading to arbitrary code execution or a denial of service. The connected CNVD entry confirms the issue in STDU Viewer and...
CVE-2017-14301
STDU Viewer 1.6.375 is affected by CVE-2017-14301 through a buffer overflow triggered by a specially crafted .jb2 file. The root cause is described as Data from Faulting Address controls subsequent Write Address, starting at STDUJBIG2File!DllUnregisterServer+0x00000000000076d3, which can lead to ...
CVE-2017-14546
CVE-2017-14546 affects STDU Viewer 1.6.375. A crafted .epub file can cause a denial of service and potentially unspecified impact, related to the error code 0xe06d7363 at wow64!Wow64NotifyDebugger+0x… at local access. The connected documents provide limited technical detail beyond this; no patch/...
CVE-2017-14289
CVE-2017-14289 affects STDU Viewer 1.6.375. A vulnerability in the STDUJBIG2File component (User Mode Write AV at STDUJBIG2File!DllGetClassObject+0x...303e) allows crafted .jb2 files to trigger arbitrary code execution or a denial of service. The provided connected sources confirm the vulnerabili...
CVE-2017-14302
STDU Viewer 1.6.375 is affected by a vulnerability where processing a specially crafted .jb2 file can cause a denial of service (and possibly other impact). CNVD catalogs this as a buffer overflow in STDU Viewer related to JBIG2 file handling, while NVD describes the issue as a DoS/impact via a c...
CVE-2017-14553
CVE-2017-14553 affects STDU Viewer 1.6.375. A buffer overflow vulnerability exists when handling a crafted .djvu file, related to a location in STDUDjVuFile!DllUnregisterServer+0x00000000000085f5, which could allow a local attacker to execute arbitrary code or cause a denial of service. The conne...
CVE-2017-14688
The CVE-2017-14688 entry affects STDU Viewer 1.6.375. A crafted .djvu file can trigger a Read Access Violation in STDUDjVuFile!DllUnregisterServer, leading to a denial of service and potentially other unspecified impact. The public materials describe the vulnerability without enumerating affected...
CVE-2017-14290
STDU Viewer 1.6.375 is affected by a heap-corruption vulnerability exploitable via a specially crafted .jb2 file, leading to arbitrary code execution or denial of service. The issue is referenced across multiple sources (e.g., CVE-2017-14290/NVD), noting the root cause involves a heap corruption ...
CVE-2017-14291
STDU Viewer 1.6.375 is affected by CVE-2017-14291. A crafted .jb2 file can lead to arbitrary code execution or denial of service, linked to a User Mode Write AV at STDUJBIG2File!DllUnregisterServer+0x76d8. Multiple sources (NVD/CNVD/CVELIST) confirm the vulnerability and impact, with local attack...
CVE-2017-14307
STDU Viewer 1.6.375 is affected by CVE-2017-14307. A crafted .jb2 file can cause a denial of service and possibly other impacts. The root cause involves data from a faulting address influencing branch selection at ntdll_77400000!TpAllocCleanupGroup+0x402. Multiple connected sources (NVD, CNVD, CV...
CVE-2017-14308
CVE-2017-14308 affects STDU Viewer 1.6.375 . A crafted .jb2 file can trigger a denial of service and potentially other unspecified impact, tied to a Read Access Violation at STDUJBIG2File!DllUnregisterServer+0x0000000000006ddd . The vulnerability is referenced across multiple sources (NVD/CNVD en...
CVE-2017-14548
STDU Viewer 1.6.375 is affected by a local, buffer overflow vulnerability triggered by a crafted .djvu file. The issue arises in a user-mode code path related to DllUnregisterServer, enabling a local attacker to potentially execute arbitrary code or cause a denial of service. The CVE description ...
CVE-2017-14549
STDU Viewer 1.6.375 is affected by a local, heap-based buffer overflow in a crafted .djvu file, leading to arbitrary code execution or denial of service. This vulnerability is described as a heap corruption starting at wow64!Wow64NotifyDebugger+0x000000000000001d. Multiple sources (NVD/CNVD/CVELI...
CVE-2017-14569
STDU Viewer 1.6.375 has a buffer overflow vulnerability affecting XPS handling. A crafted .xps file can trigger a Read Access Violation in STDUXPSFile!DllUnregisterServer+0x5bd5, potentially enabling denial of service and related unspecified impact. Documents from NVD/CNVD and related feeds confi...
CVE-2017-14287
STDU Viewer 1.6.375 is affected by CVE-2017-14287. A crafted .jb2 file can trigger a Read Access Violation in STDUJBIG2File, leading to arbitrary code execution or a denial of service. CVSSv3 indicates a high impact (7.8) with local access, no user interaction required, and high impact to confide...
CVE-2017-14292
STDU Viewer 1.6.375 is vulnerable to a crafted .jb2 file that can cause arbitrary code execution or a denial of service. The issue is linked to a User Mode Write AV condition starting at STDUJBIG2File!DllUnregisterServer+0x000000000000570e. The CVSS data indicates a LOCAL attack vector with low a...
CVE-2017-14294
STDU Viewer 1.6.375 is affected by CVE-2017-14294. A crafted .jb2 file can lead to arbitrary code execution or to a denial of service, with the issue tied to a User Mode Write AV starting at STDUJBIG2File!DllUnregisterServer+0x000000000000566e. Documents consistently identify the affected product...
CVE-2017-14544
CVE-2017-14544 affects STDU Viewer 1.6.375. The vulnerability is a buffer overflow triggered by a crafted .epub file in which data from a faulting address is used in a call sequence starting at STDUEPubFile!DllUnregisterServer, enabling denial of service and potentially unspecified impact. No exp...
CVE-2017-14552
STDU Viewer 1.6.375 is affected by a buffer overflow vulnerability described in CNVD-2017-30319 and related records. The flaw allows a local attacker to exploit a specially crafted .djvu file to execute arbitrary code or cause a denial of service. The root cause is a buffer overflow in STDU Viewe...
CVE-2017-14558
STDU Viewer 1.6.375 contains a local-bypassable buffer overflow (CVE-2017-14558) triggered by a crafted .djvu file, allowing a local attacker to execute arbitrary code or cause a denial of service. Multiple connected records corroborate a buffer overflow in STDU Viewer tied to a DjVu processing p...
CVE-2017-14559
STDU Viewer 1.6.375 contains a buffer overflow vulnerability exploitable via a specially crafted .xps file, enabling a local attacker to execute arbitrary code or cause a denial of service. The root cause is described as a Read Access Violation in the STDUXPSFile module (DllUnregisterServer+0x…5a...
CVE-2017-14563
STDU Viewer 1.6.375 is affected by a local vulnerability in processing .xps files that can trigger a read access violation in STDUXPSFile!DllUnregisterServer+0x5311, potentially allowing arbitrary code execution or denial of service. The issue is triggered by specially crafted .xps files and is d...
CVE-2017-14565
STDU Viewer 1.6.375 is affected by a local, user-assisted vulnerability (buffer overflow/possible stack corruption) that can be triggered by processing a specially crafted .xps file. The issue can lead to a denial of service and potentially other unspecified impacts as described in multiple sourc...
CVE-2017-14286
STDU Viewer 1.6.375 is affected by CVE-2017-14286. A vulnerability in processing specially crafted .jb2 files can lead to arbitrary code execution or a denial of service, related to a User Mode Write AV originating from STDUJBIG2File!DllUnregisterServer+0xcb8c. The issue is a buffer/write conditi...
CVE-2017-14293
STDU Viewer 1.6.375 is affected by CVE-2017-14293 due to a crafted .jb2 file triggering a heap corruption condition in wow64!Wow64LdrpInitialize, enabling arbitrary code execution or a denial of service. The vulnerability is a buffer/heap-based overflow in the STDU Viewer component handling JB2 f...
CVE-2017-14305
STDU Viewer 1.6.375 is affected by CVE-2017-14305. A vulnerability in a crafted .jb2 file can trigger a buffer/related fault condition related to Data from Faulting Address controls Branch Selection at STDUJBIG2File!DllUnregisterServer+0x0000000000005578, enabling denial of service and potentiall...
CVE-2017-14545
STDU Viewer 1.6.375 is affected by a vulnerability described across multiple sources as a buffer overflow in EPUB handling. The issue appears to be triggered by processing a specially crafted .epub file, with the root cause tied to memory/branch handling in the STDUEPubFile!DllUnregisterServer+0x...
CVE-2017-14564
STDU Viewer 1.6.375 is affected by a local-denial-of-service-style vulnerability via crafted .xps files. The issue is described as a buffer overflow in STDU Viewer (CNVD-2017-30289; NVD entry CVE-2017-14564) with the faulting address affecting the Branch Selection starting at STDUXPSFile!DllUnreg...
CVE-2017-14568
CVE-2017-14568 affects STDU Viewer 1.6.375. A buffer overflow can be triggered by a crafted .xps file, enabling a local attacker to execute arbitrary code or cause a denial of service, as described by multiple sources (e.g., CNVD/NVD entries) referencing an Illegal Instruction Violation related t...
CVE-2017-14573
CVE-2017-14573 affects STDU Viewer 1.6.375 through a local buffer overflow in the XPS handling (notably via crafted .xps files, e.g., STDUXPSFile!DllUnregisterServer+0x000000000002566a). This can lead to arbitrary code execution or denial of service. The CNVD/NVD entries describe the vulnerabilit...
CVE-2017-14576
STDU Viewer 1.6.375 has a local-buffer-overflow vulnerability that can be triggered by a specially crafted .xps file, leading to a denial of service. Multiple connected sources (CNVD-2017-30277, NVD/NVD mirrors) corroborate a buffer-overflow issue and DoS impact; exact internal root cause and aff...
CVE-2017-14579
STDU Viewer 1.6.375 contains a local-buffer overflow vulnerability exploitable via a specially crafted .jb2 file, leading to arbitrary code execution or denial of service. Root cause is a Read Access Violation in the STDUJBIG2File path (DllGetClassObject+0x...); disclosure and impact are stated i...
CVE-2017-14692
STDU Viewer 1.6.375 is affected by CVE-2017-14692. A crafted .jb2 file can lead to arbitrary code execution or a denial of service due to a vulnerability in STDUJBIG2File!DllGetClassObject (User Mode Write AV). Several connected records (CNVD-2017-30443, CVE references) confirm the impact and aff...
CVE-2017-14288
CVE-2017-14288 affects STDU Viewer 1.6.375. The vulnerability arises from a buffer overflow triggered by a specially crafted .jb2 file, related to a problematic operation noted as a “User Mode Write AV” at STDUJBIG2File!DllGetClassObject+0x0000000000002ff7. Affected code can allow an attacker to ...
CVE-2017-14298
STDU Viewer 1.6.375 is affected by CVE-2017-14298. The vulnerability allows an attacker to execute arbitrary code or cause a denial of service via a specially crafted .jb2 file. The underlying cause is that Data from a Faulting Address controls the subsequent Write Address in STDUJBIG2File!DllGet...
CVE-2017-14306
CVE-2017-14306 affects STDU Viewer 1.6.375 via crafted .jb2 files. The root cause is a read access violation in STDUJBIG2File during DllUnregisterServer, leading to denial of service and potentially additional impact. Public sources in connected documents describe a buffer/access violation vulner...
CVE-2017-14297
STDU Viewer 1.6.375 is reported vulnerable to arbitrary code execution or denial of service via a crafted .jb2 file, due to control-flow manipulation triggered by Data from Faulting Address at STDUJBIG2File!DllGetClassObject+0x2f35. The affected component is STDU Viewer; the vulnerability appears...
CVE-2017-14310
STDU Viewer 1.6.375 is affected by a vulnerability triggered by a crafted .jb2 file. Multiple sources (NVD entry CVE-2017-14310 and CNVD-2017-30269) describe a denial of service and possibly unspecified impact, associated with a Read Access Violation at STDUJBIG2File!DllUnregisterServer+0x1869 an...
CVE-2017-14550
CVE-2017-14550 affects STDU Viewer 1.6.375. The vulnerability relates to processing crafted .djvu files and is tied to a possible stack corruption in STDUDjVuFile!DllUnregisterServer+0x... which can lead to denial of service and may have unspecified additional impact. The connected CNVD/CNVD-2017...
CVE-2017-14551
CVE-2017-14551 affects STDU Viewer 1.6.375. A crafted .djvu file can trigger a vulnerability described as a buffer overflow with denial of service and potentially other impacts. The root cause references Data from Faulting Address controlling Branch Selection at STDUDjVuFile!DllUnregisterServer+0...
CVE-2017-14561
STDU Viewer 1.6.375 is affected by a buffer overflow in its XPS handling, triggerable by a specially crafted .xps file. A local attacker can exploit this to execute arbitrary code or cause a denial of service . This vulnerability is described in CVE-2017-14561 and corroborated by CNVD-2017-30292;...
CVE-2017-14566
STDU Viewer 1.6.375 is affected by a buffer overflow when processing specially crafted .xps files, enabling local attackers to execute arbitrary code or cause a denial of service. The vulnerability is described across multiple sources (CNVD-2017-30287, NVD CVE-2017-14566) with the root cause cite...
CVE-2017-14567
STDU Viewer 1.6.375 is affected by a vulnerability triggered by a crafted .xps file, with an attacker able to execute arbitrary code or cause a denial of service. The issue is linked to an Illegal Instruction Violation starting at Unknown Symbol @ 0x00000000028c024d called from STDUXPSFile!DllUnr...
CVE-2017-14577
STDU Viewer 1.6.375 is affected by a local buffer overflow vulnerability in .xps handling (as per CNVD-2017-30276 and corroborating CVE-2017-14577 entries). A crafted .xps file can lead to arbitrary code execution or a denial of service. Root cause details are not fully disclosed in the provided ...
CVE-2017-14304
STDU Viewer 1.6.375 is affected by CVE-2017-14304 via a crafted .jb2 file, causing a Read Access Violation in STDUJBIG2File!DllGetClassObject and resulting in a denial of service with possible unspecified impact. The vulnerability is local, with low attack complexity, and requires no authenticati...
CVE-2017-14309
STDU Viewer 1.6.375 is affected by CVE-2017-14309. A crafted .jb2 file can trigger a denial of service and potentially other impact due to a Read Access Violation in STDUJBIG2File!DllUnregisterServer+0x0000000000006ec8. The vulnerability is triggered by processing the JBIG2 data, with exploitatio...
CVE-2017-14562
CVE-2017-14562 affects STDU Viewer 1.6.375. A buffer overflow vulnerability in processing .xps files can allow a local attacker to cause a denial of service (and possibly other impact) as described in CNVD/NVD entries, with exploitation tied to a crafted .xps payload (error code 0xe06d7363 at wow...