Skip to main content

Photoline CVE-2012-1055

MEDIUM
Buffer Overflow (CWE-119)
2012-02-14 cve@mitre.org
6.8
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:M/Au:N/C:P/I:P/A:P
Attack Vector
Network
Attack Complexity
M
Confidentiality
P
Integrity
P
Availability
P

Lifecycle Timeline

1
CVE Published
Feb 14, 2012 - 00:55 cve.org
MEDIUM 6.8

DescriptionCVE.org

Heap-based buffer overflow in PhotoLine 17.01 and possibly other versions before 17.02 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment.

AnalysisAI

Heap-based buffer overflow in PhotoLine 17.01 and possibly other versions before 17.02 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. Heap-based buffer overflow in PhotoLine 17.01 and possibly other versions before 17.02 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment. Affected products include: Pl32 Photoline. Version information: before 17.02.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.

CVE-2017-12106 HIGH POC
8.8 Oct 05

A memory corruption vulnerability exists in the .TGA parsing functionality of Computerinsel Photoline 20.02. Rated high

CVE-2017-2880 HIGH POC
7.8 Oct 05

An memory corruption vulnerability exists in the .GIF parsing functionality of Computerinsel Photoline 20.02. Rated high

CVE-2017-2920 HIGH POC
7.8 Oct 05

An memory corruption vulnerability exists in the .SVG parsing functionality of Computerinsel Photoline 20.02. Rated high

CVE-2018-3923 HIGH POC
7.8 Aug 01

A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.54. Rated high s

CVE-2018-3922 HIGH POC
7.8 Aug 01

A memory corruption vulnerability exists in the ANI-parsing functionality of Computerinsel Photoline 20.54. Rated high s

CVE-2018-3921 HIGH POC
7.8 Aug 01

A memory corruption vulnerability exists in the PSD-parsing functionality of Computerinsel Photoline 20.54. Rated high s

CVE-2018-3889 HIGH POC
7.8 Apr 12

A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary da

CVE-2018-3862 HIGH POC
7.8 Apr 12

A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting. Rated high

CVE-2018-3861 HIGH POC
7.8 Apr 12

A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary d

CVE-2018-3888 HIGH POC
7.8 Apr 11

A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.53. Rated high s

CVE-2018-3887 HIGH POC
7.8 Apr 11

A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.53. Rated high s

CVE-2018-3886 HIGH POC
7.8 Apr 11

A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.53. Rated high s

Share

CVE-2012-1055 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy