CVE-2017-2803
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A remote out of bound write vulnerability exists in the TIFF parsing functionality of Core PHOTO-PAINT X8 version 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to trigger this vulnerability. This vulnerability only exists in the 64-bit version.
Existe una vulnerabilidad de escritura fuera de límites remota en la funcionalidad de análisis sintáctico de TIFF de Core PHOTO-PAINT X8 18.1.0.661. Un archivo TIFF especialmente manipulado puede provocar una vulnerabilidad que podría daría lugar a una potencial corrupción de memoria. Un atacante puede enviar un archivo TIFF específico para provocar esta vulnerabilidad. Esta vulnerabilidad solo existe en la versión de 64 bits.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-12-01 CVE Reserved
- 2018-04-24 CVE Published
- 2024-09-17 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-787: Out-of-bounds Write
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/99900 | Third Party Advisory | |
| https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0297 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Corel Search vendor "Corel" | Coreldraw Photo Paint X8 Search vendor "Corel" for product "Coreldraw Photo Paint X8" | 18.1.0.661 Search vendor "Corel" for product "Coreldraw Photo Paint X8" and version "18.1.0.661" | - |
Affected
| ||||||