Arbitrary Read Vulnerability in Lexmark Document Filters
CVE-2017-2806

4.3MEDIUM

Key Information:

Vendor: Lexmark
Status: Perceptive Document Filters
Vendor: CVE Published:; 20 April 2017

Summary

An arbitrary read vulnerability exists within the Lexmark Perspective Document Filters due to improper handling of XLS file parsing. An attacker can exploit this flaw by crafting specific XLS documents that, when processed, may cause the system to disclose sensitive memory information. This risk affects specific versions of the software, making it essential for users to update their systems to mitigate potential risks associated with memory disclosure.

Affected Version(s)

Perceptive Document Filters 11.3.0.2228

Perceptive Document Filters 11.3.0.2400

References

http://www.talosintelligence.com/reports/TALOS-2017-0302/

x_refsource_MISC

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 20, 2017
Vulnerability Reserved
Dec 1, 2016