CVE-2017-14566

Name of the Vulnerable Software and Affected Versions STDU Viewer version 1.6.375

Description The issue allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file. It is related to a "User Mode Write AV starting at Unknown Symbol @ 0x00000000039d76c4 called from Unknown Symbol @ 0x0000000000049d2c."

Recommendations For STDU Viewer version 1.6.375, avoid using the software to open .xps files from untrusted sources until a fix is available. As a temporary workaround, consider restricting the use of the software to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.