PT-2019-15849 · Unknown · Free Photo Viewer

Code16

Publicado

2019-11-30

Atualizado

2019-12-13

CVE-2019-19468

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Free Photo Viewer version 1.3

Description The issue allows remote attackers to execute arbitrary code via a crafted BMP and/or TIFF file that triggers a malformed SEH.

Recommendations For Free Photo Viewer version 1.3, consider avoiding the use of crafted BMP and/or TIFF files until a patch is available. As a temporary workaround, restrict the opening of potentially malicious image files to minimize the risk of exploitation.

Exploit

Correção

Unrestricted File Upload

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-434

Identificadores relacionados

CVE-2019-19468

Produtos afetados

Free Photo Viewer

PT-2019-15849 · Unknown · Free Photo Viewer

CVE-2019-19468

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3