CVE-2017-14627

Stack-based buffer overflows in CyberLink LabelPrint 2.5 allow remote attackers to execute arbitrary code via the (1) author (inside the INFORMATION tag), (2) name (inside the INFORMATION tag), (3) artist (inside the TRACK tag), or (4) default (inside the TEXT tag) parameter in an lpp project file.
Configurations

Configuration 1 (hide)

cpe:2.3:a:cyberlink:labelprint:2.5:*:*:*:*:*:*:*

History

21 Nov 2024, 03:13

Type Values Removed Values Added
References () https://blog.spentera.com/2017/09/19/unicode-stack-based-buffer-overflow-on-cyberlink-labelprint-2-5/ - Exploit, Technical Description, Third Party Advisory () https://blog.spentera.com/2017/09/19/unicode-stack-based-buffer-overflow-on-cyberlink-labelprint-2-5/ - Exploit, Technical Description, Third Party Advisory
References () https://www.exploit-db.com/exploits/42777/ - Exploit, Third Party Advisory, VDB Entry () https://www.exploit-db.com/exploits/42777/ - Exploit, Third Party Advisory, VDB Entry
References () https://www.exploit-db.com/exploits/45985/ - () https://www.exploit-db.com/exploits/45985/ -

Information

Published : 2017-09-23 20:29

Updated : 2024-11-21 03:13


NVD link : CVE-2017-14627

Mitre link : CVE-2017-14627

CVE.ORG link : CVE-2017-14627


JSON object : View

Products Affected

cyberlink

  • labelprint
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer