CVE-2017-14572

Name of the Vulnerable Software and Affected Versions STDU Viewer version 1.6.375

Description The issue allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file. This is related to a "User Mode Write AV starting at Unknown Symbol @ 0x000000000479049b called from Unknown Symbol @ 0x000000000d89645b."

Recommendations For STDU Viewer version 1.6.375, avoid using the software to open untrusted .xps files until a fix is available. As a temporary workaround, consider restricting the use of STDU Viewer to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.