Security Vulnerabilities fixed in FastStone Image Viewer 7.6
Description
FastStone Image Viewer v.<= 7.5 is affected by a Stack-based Buffer Overflow at 0x005BDF49, NULL at 0x005bdfc9, user mode write access violation at 0x00402d8a and 0x005bdfcb, affecting the CUR file parsing functionality (BITMAPINFOHEADER Structure, 'BitCount' file format field), that will end up corrupting the Structure Exception Handler (SEH). Attackers could exploit this issue to achieve code execution when a user opens or views a malformed/specially crafted CUR file. ALso, attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.
Affected Applications
FastStone Image Viewer