CVE-2017-2788

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 10-03-2017 11:59

Last modified: - 27-01-2023 09:53

Total changes: - 3

Description

A buffer overflows exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim's computer and can lead to a heap based buffer overflow resulting in potential remote code execution. This client is always listening, has root privileges, and requires no user interaction to exploit.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Low

Attack complexity

Network

Attack vector

High

Availability

High

Confidentiality

High

Integrity

None

Privileges required

Changed

Scope

None

User interaction

10.0

Base score

3.9

6.0

Exploitability score

Impact score

Verification logic

Reference

http://www.talosintelligence.com/reports/TALOS-2017-0283/
96742-Broken Link, Third Party Advisory, VDB Entry

Keywords

CVE-2017-2788

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2017-2788

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures