Denial of Service and Potential Remote Code Execution in STDU Viewer 1.6.375 via Crafted .djvu File

Denial of Service and Potential Remote Code Execution in STDU Viewer 1.6.375 via Crafted .djvu File

CVE-2017-14689 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at STDUDjVuFile!DllUnregisterServer+0x000000000000328e."

Learn more about our Cis Benchmark Audit For Server Software.