CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9112 – FastStone Image Viewer PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-9112
23 Sep 2024 — FastStone Image Viewer PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FastStone Image Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSD files. The issue results from the lack of proper validation of user-supplied data, which can result in a write... • https://www.zerodayinitiative.com/advisories/ZDI-24-1273 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9113 – FastStone Image Viewer TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-9113
23 Sep 2024 — FastStone Image Viewer TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FastStone Image Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TGA files. The issue results from the lack of proper validation of user-supplied data, which can result in a write... • https://www.zerodayinitiative.com/advisories/ZDI-24-1274 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9114 – FastStone Image Viewer GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-9114
23 Sep 2024 — FastStone Image Viewer GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FastStone Image Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of GIF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write... • https://www.zerodayinitiative.com/advisories/ZDI-24-1275 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-36947
https://notcve.org/view.php?id=CVE-2022-36947
18 Aug 2022 — Unsafe Parsing of a PNG tRNS chunk in FastStone Image Viewer through 7.5 results in a stack buffer overflow. Un análisis no seguro en una partición de PNG tRNS en FastStone Image Viewer versiones hasta 7.5, resulta en un desbordamiento del búfer de la pila. • https://wid.cert-bund.de/portal/wid/kurzinformationen • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-26237
https://notcve.org/view.php?id=CVE-2021-26237
18 Mar 2021 — FastStone Image Viewer <= 7.5 is affected by a user mode write access violation at 0x00402d7d, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution. FastStone Image Viewer versiones anteriores incluyendo a 7.5, está afectado por una infracción de acceso de escritura en modo de usuario en 0x00402d7d, que se desencadena cuando un usuario abre o visualiza un archivo CU... • https://voidsec.com/advisories/cve-2021-26237-faststone-image-viewer-v-7-5-user-mode-write-access-violation • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-26235
https://notcve.org/view.php?id=CVE-2021-26235
18 Mar 2021 — FastStone Image Viewer <= 7.5 is affected by a user mode write access violation near NULL at 0x005bdfc9, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution. FastStone Image Viewer versiones anteriores incluyendo a 7.5, está afectado por una infracción de acceso de escritura en modo de usuario cercana a NULL en 0x005bdfc9, que se desencadena cuando un usuario abre ... • https://voidsec.com/advisories/cve-2021-26235-faststone-image-viewer-v-7-5-user-mode-write-access-violation • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-26234
https://notcve.org/view.php?id=CVE-2021-26234
18 Mar 2021 — FastStone Image Viewer <= 7.5 is affected by a user mode write access violation at 0x00402d8a, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution. FastStone Image Viewer versiones anteriores incluyendo a 7.5, está afectado por una infracción de acceso de escritura en modo de usuario en 0x00402d8a, que se desencadena cuando un usuario abre o visualiza un archivo CU... • https://voidsec.com/advisories/cve-2021-26234-faststone-image-viewer-v-7-5-user-mode-write-access-violation • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-26233
https://notcve.org/view.php?id=CVE-2021-26233
18 Mar 2021 — FastStone Image Viewer <= 7.5 is affected by a user mode write access violation near NULL at 0x005bdfcb, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution. FastStone Image Viewer versiones anteriores incluyendo a 7.5, está afectado por una infracción de acceso de escritura en modo de usuario cercana a NULL en 0x005bdfcb, que se desencadena cuando un usuario abre ... • https://voidsec.com/advisories/cve-2021-26233-faststone-image-viewer-v-7-5-user-mode-write-access-violation • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 3CVE-2021-26236
https://notcve.org/view.php?id=CVE-2021-26236
18 Mar 2021 — FastStone Image Viewer v.<= 7.5 is affected by a Stack-based Buffer Overflow at 0x005BDF49, affecting the CUR file parsing functionality (BITMAPINFOHEADER Structure, 'BitCount' file format field), that will end up corrupting the Structure Exception Handler (SEH). Attackers could exploit this issue to achieve code execution when a user opens or views a malformed/specially crafted CUR file. FastStone Image Viewer versiones anteriores incluyendo a 7.5, está afectado por un desbordamiento del búfer en la región... • https://voidsec.com/advisories/cve-2021-26236-faststone-image-viewer-v-7-5-stack-based-buffer-overflow • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-35845
https://notcve.org/view.php?id=CVE-2020-35845
25 Jan 2021 — FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0x96cf. FastStone Image Viewer versión 7.5, presenta una escritura fuera de límites (por medio de un archivo de imagen diseñado) en FSViewer.exe+0x96cf • https://github.com/DmitryMeD/pentesting/blob/main/FastStone%20Image%20Viewer%207.5.md • CWE-787: Out-of-bounds Write •