CVE-2017-2880

An memory corruption vulnerability exists in the .GIF parsing functionality of Computerinsel Photoline 20.02. A specially crafted .GIF file can cause a vulnerability resulting in potential code execution. An attacker can send specific .GIF file to trigger this vulnerability.
References
Link Resource
http://www.securityfocus.com/bid/101188 Broken Link
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0387 Exploit Technical Description Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:pl32:photoline:20.02:*:*:*:*:*:*:*

History

07 Jun 2022, 17:39

Type Values Removed Values Added
References (BID) http://www.securityfocus.com/bid/101188 - Third Party Advisory, VDB Entry (BID) http://www.securityfocus.com/bid/101188 - Broken Link

Information

Published : 2017-10-05 19:29

Updated : 2024-02-04 19:29


NVD link : CVE-2017-2880

Mitre link : CVE-2017-2880

CVE.ORG link : CVE-2017-2880


JSON object : View

Products Affected

pl32

  • photoline
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer