Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File

Arbitrary Code Execution and Denial of Service Vulnerability in STDU Viewer 1.6.375 via Crafted .xps File

CVE-2017-14575 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to an "Illegal Instruction Violation starting at Unknown Symbol @ 0x0000000002d8024c called from STDUXPSFile!DllUnregisterServer+0x000000000002566c."

Learn more about our Cis Benchmark Audit For Server Software.