A memory corruption vulnerability exists in the PSD-parsing functionality of Computerinsel Photoline 20.54. A specially crafted PSD image processed via the application can lead to a stack overflow, overwriting arbitrary data. An attacker can deliver a PSD image to trigger this vulnerability and gain code execution.
References
Link | Resource |
---|---|
https://talosintelligence.com/vulnerability_reports/TALOS-2018-0585 | Exploit Third Party Advisory |
Configurations
Information
Published : 2018-08-01 08:29
Updated : 2023-02-02 18:05
NVD link : CVE-2018-3921
Mitre link : CVE-2018-3921
JSON object : View
CWE
CWE-787
Out-of-bounds Write
Products Affected
pl32
- photoline