CVE-2017-2920

An memory corruption vulnerability exists in the .SVG parsing functionality of Computerinsel Photoline 20.02. A specially crafted .SVG file can cause a vulnerability resulting in memory corruption, which can potentially lead to arbitrary code execution. An attacker can send a specific .SVG file to trigger this vulnerability.
Configurations

Configuration 1 (hide)

cpe:2.3:a:pl32:photoline:20.02:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-10-05 19:29

Updated : 2025-04-20 01:37


NVD link : CVE-2017-2920

Mitre link : CVE-2017-2920

CVE.ORG link : CVE-2017-2920


JSON object : View

Products Affected

pl32

  • photoline
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer