Description
FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00402d6a, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other impact.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
https://github.com/MostafaSoliman/Security-Advisories/tree/master/CVE-2018-11703
Scores
CVSS v3
7.8
EPSS
0.0020
EPSS Percentile
42.0%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-119
Status
published
Products (1)
faststone/image_viewer
6.2
Published
Jun 20, 2018
Tracked Since
Feb 18, 2026