CVE-2017-8785

EUVD-2017-17728
FastStone Image Viewer 6.2 has a "Data from Faulting Address may be used as a return value" issue. This issue can be triggered by a malformed JPEG 2000 file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 42%
Affected Products (NVD)
VendorProductVersion
faststoneimage_viewer
6.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-8785
https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-8785