CVE-2017-2804

Name of the Vulnerable Software and Affected Versions: Core PHOTO-PAINT X8 version 18.1.0.661

Description: A remote out of bound write issue exists in the TIFF parsing functionality. This can be triggered by a specially crafted TIFF file, potentially causing memory corruption. An attacker can exploit this by sending a victim a specific TIFF file.

Recommendations: For Core PHOTO-PAINT X8 version 18.1.0.661, consider avoiding the use of TIFF files from untrusted sources until a patch is available. As a temporary workaround, restrict the ability to open or process TIFF files in the software to minimize the risk of exploitation.