Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistTalosCVELIST:CVE-2017-2920
HistoryOct 05, 2017 - 7:00 p.m.

CVE-2017-2920

2017-10-0519:00:00
talos
www.cve.org
3

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.4

Confidence

High

EPSS

0.002

Percentile

64.6%

JSON

An memory corruption vulnerability exists in the .SVG parsing functionality of Computerinsel Photoline 20.02. A specially crafted .SVG file can cause a vulnerability resulting in memory corruption, which can potentially lead to arbitrary code execution. An attacker can send a specific .SVG file to trigger this vulnerability.

CNA Affected

[
  {
    "product": "Computerinsel Photoline",
    "vendor": "Talos",
    "versions": [
      {
        "status": "affected",
        "version": "20.02"
      }
    ]
  }
]

Related

nvd 1
cve 1
seebug 1
talos 1
prion 1
nessus 3
openvas 4
suse 1
ubuntucve 1
gentoo 1
mageia 1
fedora 3
talosblog 1
nvd
nvd
CVE-2017-2920
2017-10-05 19:29:00
cve
cve
CVE-2017-2920
2017-10-05 19:29:00
seebug
seebug
Computerinsel Photoline SVG Parsing Code Execution Vulnerability(CVE-2017-2920)
2017-10-10 00:00:00
talos
talos
Computerinsel Photoline SVG Parsing Code Execution Vulnerability
2017-10-04 00:00:00
prion
prion
Memory corruption
2017-10-05 19:29:00
nessus
nessus
openSUSE Security Update : libofx (openSUSE-2018-820)
2018-08-08 00:00:00
GLSA-201908-26 : libofx: Multiple vulnerabilities
2019-09-03 00:00:00
SUSE SLED12 Security Update : libofx (SUSE-SU-2018:2064-1)
2018-07-27 00:00:00
openvas
openvas
openSUSE: Security Advisory for libofx (openSUSE-SU-2018:2229-1)
2018-08-08 00:00:00
Fedora Update for libofx FEDORA-2018-1b3a73b45f
2018-04-13 00:00:00
Mageia: Security Advisory (MGASA-2018-0214)
2022-01-28 00:00:00
suse
suse
Security update for libofx (important)
2018-08-07 15:07:58
ubuntucve
ubuntucve
CVE-2017-2920
2017-10-05 00:00:00
gentoo
gentoo
libofx: Multiple vulnerabilities
2019-08-31 00:00:00
mageia
mageia
Updated libofx packages fix security vulnerabilities
2018-04-30 22:08:07
fedora
fedora
[SECURITY] Fedora 26 Update: libofx-0.9.10-5.fc26
2018-04-11 19:08:49
[SECURITY] Fedora 28 Update: libofx-0.9.10-6.fc28
2018-04-07 22:16:41
[SECURITY] Fedora 27 Update: libofx-0.9.10-5.fc27
2018-04-11 16:32:20
talosblog
talosblog
Vulnerability Spotlight: Multiple vulnerabilities in Computerinsel Photoline
2017-10-04 12:05:00

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.4

Confidence

High

EPSS

0.002

Percentile

64.6%

JSON
Related for CVELIST:CVE-2017-2920
nvd1cve1seebug1talos1prion1nessus3openvas4suse1ubuntucve1gentoo1mageia1fedora3talosblog1