cbcvebase.

Faststone Image Viewer vulnerabilities

32 known vulnerabilities affecting faststone/image_viewer.

Total CVEs
32
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH22MEDIUM8

Vulnerabilities

Page 1 of 2
CVE-2007-1942P3CRITICALCVSS 9.3PoCv2.92007-04-11
CVE-2007-1942 [CRITICAL] CVE-2007-1942: Integer overflow in FastStone Image Viewer 2.9 allows context-dependent attackers to cause a denial Integer overflow in FastStone Image Viewer 2.9 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted BMP image, as demonstrated by wh3intof.bmp and wh4intof.bmp.
nvd
CVE-2022-36947P3CRITICALCVSS 9.8fixed in 7.62022-08-18
CVE-2022-36947 [CRITICAL] CWE-787 CVE-2022-36947: Unsafe Parsing of a PNG tRNS chunk in FastStone Image Viewer through 7.5 results in a stack buffer o Unsafe Parsing of a PNG tRNS chunk in FastStone Image Viewer through 7.5 results in a stack buffer overflow.
nvd
CVE-2024-9112P3HIGHCVSS 7.8v7.82024-11-22
CVE-2024-9112 [HIGH] CWE-787 CVE-2024-9112: FastStone Image Viewer PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. Thi FastStone Image Viewer PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FastStone Image Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The
nvd
CVE-2021-26236P3HIGHCVSS 7.8≤ 7.52021-03-18
CVE-2021-26236 [HIGH] CWE-787 CVE-2021-26236: FastStone Image Viewer v.<= 7.5 is affected by a Stack-based Buffer Overflow at 0x005BDF49, affectin FastStone Image Viewer v.<= 7.5 is affected by a Stack-based Buffer Overflow at 0x005BDF49, affecting the CUR file parsing functionality (BITMAPINFOHEADER Structure, 'BitCount' file format field), that will end up corrupting the Structure Exception Handler (SEH). Attackers could exploit this issue to achieve code execution when a user opens or views a
nvd
CVE-2024-9114P3HIGHCVSS 7.8v7.82024-11-22
CVE-2024-9114 [HIGH] CWE-787 CVE-2024-9114: FastStone Image Viewer GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. Thi FastStone Image Viewer GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FastStone Image Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The
nvd
CVE-2024-9113P3HIGHCVSS 7.8v7.82024-11-22
CVE-2024-9113 [HIGH] CWE-787 CVE-2024-9113: FastStone Image Viewer TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. Thi FastStone Image Viewer TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FastStone Image Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The
nvd
CVE-2021-26237P3HIGHCVSS 7.8≤ 7.52021-03-18
CVE-2021-26237 [HIGH] CWE-787 CVE-2021-26237: FastStone Image Viewer <= 7.5 is affected by a user mode write access violation at 0x00402d7d, trigg FastStone Image Viewer <= 7.5 is affected by a user mode write access violation at 0x00402d7d, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.
nvd
CVE-2021-26234P3HIGHCVSS 7.8≤ 7.52021-03-18
CVE-2021-26234 [HIGH] CWE-787 CVE-2021-26234: FastStone Image Viewer <= 7.5 is affected by a user mode write access violation at 0x00402d8a, trigg FastStone Image Viewer <= 7.5 is affected by a user mode write access violation at 0x00402d8a, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.
nvd
CVE-2021-26233P3HIGHCVSS 7.8≤ 7.52021-03-18
CVE-2021-26233 [HIGH] CWE-787 CVE-2021-26233: FastStone Image Viewer <= 7.5 is affected by a user mode write access violation near NULL at 0x005bd FastStone Image Viewer <= 7.5 is affected by a user mode write access violation near NULL at 0x005bdfcb, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.
nvd
CVE-2021-26235P3HIGHCVSS 7.8≤ 7.52021-03-18
CVE-2021-26235 [HIGH] CWE-476 CVE-2021-26235: FastStone Image Viewer <= 7.5 is affected by a user mode write access violation near NULL at 0x005bd FastStone Image Viewer <= 7.5 is affected by a user mode write access violation near NULL at 0x005bdfc9, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.
nvd
CVE-2020-35844P3HIGHCVSS 7.8v7.52021-01-26
CVE-2020-35844 [HIGH] CWE-787 CVE-2020-35844: FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0xb FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0xbe9c4.
nvd
CVE-2020-35845P3HIGHCVSS 7.8v7.52021-01-26
CVE-2020-35845 [HIGH] CWE-787 CVE-2020-35845: FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0x9 FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0x96cf.
nvd
CVE-2019-13246P4HIGHCVSS 7.8v7.02019-07-04
CVE-2019-13246 [HIGH] CWE-787 CVE-2019-13246: FastStone Image Viewer 7.0 has a User Mode Write AV starting at image00400000+0x00000000001a9601. FastStone Image Viewer 7.0 has a User Mode Write AV starting at image00400000+0x00000000001a9601.
nvd
CVE-2019-13245P4HIGHCVSS 7.8v7.02019-07-04
CVE-2019-13245 [HIGH] CWE-787 CVE-2019-13245: FastStone Image Viewer 7.0 has a User Mode Write AV starting at image00400000+0x00000000001a95b1. FastStone Image Viewer 7.0 has a User Mode Write AV starting at image00400000+0x00000000001a95b1.
nvd
CVE-2019-13244P4HIGHCVSS 7.8v7.02019-07-04
CVE-2019-13244 [HIGH] CWE-787 CVE-2019-13244: FastStone Image Viewer 7.0 has a User Mode Write AV starting at image00400000+0x0000000000002d7d. FastStone Image Viewer 7.0 has a User Mode Write AV starting at image00400000+0x0000000000002d7d.
nvd
CVE-2008-5870P4MEDIUMCVSS 4.3PoCv3.62009-01-08
CVE-2008-5870 [MEDIUM] CVE-2008-5870: FastStone Image Viewer 3.6 allows user-assisted attackers to cause a denial of service (application FastStone Image Viewer 3.6 allows user-assisted attackers to cause a denial of service (application crash) via a malformed BMP image with large width and height values, possibly a related issue to CVE-2007-1942.
nvd
CVE-2018-11707P4HIGHCVSS 7.8v6.22018-06-20
CVE-2018-11707 [HIGH] CWE-119 CVE-2018-11707: FastStone Image Viewer 6.2 has a User Mode Read and Execute AV at 0x0057898e, triggered when the use FastStone Image Viewer 6.2 has a User Mode Read and Execute AV at 0x0057898e, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact.
nvd
CVE-2018-11701P4HIGHCVSS 7.8v6.22018-06-20
CVE-2018-11701 [HIGH] CWE-119 CVE-2018-11701: FastStone Image Viewer 6.2 has a User Mode Write AV at 0x005cb509, triggered when the user opens a m FastStone Image Viewer 6.2 has a User Mode Write AV at 0x005cb509, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact.
nvd
CVE-2018-11704P4HIGHCVSS 7.8v6.22018-06-20
CVE-2018-11704 [HIGH] CWE-119 CVE-2018-11704: FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00402d7d, triggered when the user opens a m FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00402d7d, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact.
nvd
CVE-2018-11703P4HIGHCVSS 7.8v6.22018-06-20
CVE-2018-11703 [HIGH] CWE-119 CVE-2018-11703: FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00402d6a, triggered when the user opens a m FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00402d6a, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact.
nvd
Faststone Image Viewer vulnerabilities | cvebase