MidnightBSD

Advisories for windjview_project

CVE-2017-7894 MEDIUM

WinDjView 2.1 might allow user-assisted attackers to execute code via a crafted .djvu file, because of a "User Mode Write AV near NULL" in WinDjView.exe. One threat model is a victim who obtains an untrusted .djvu file from a remote location and issues several user-defined commands.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
windjview_project windjview 2.1