Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .epub File

Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .epub File

CVE-2017-14542 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .epub file, related to a "Read Access Violation on Block Data Move starting at STDUEPubFile!DllUnregisterServer+0x0000000000010262."

Learn more about our Cis Benchmark Audit For Server Software.