PT-2017-15590 · Computerinsel · Computerinsel Photoline
Published
2017-10-05
·
Updated
2022-06-07
·
CVE-2017-2880
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Computerinsel Photoline version 20.02
Description
A memory corruption issue exists in the .GIF parsing functionality, allowing potential code execution through a specially crafted .GIF file. An attacker can trigger this issue by sending a specific .GIF file.
Recommendations
For Computerinsel Photoline version 20.02, avoid using the .GIF parsing functionality until a patch is available. As a temporary workaround, consider restricting the ability to open or process .GIF files to minimize the risk of exploitation.
Exploit
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Computerinsel Photoline