CVE-2018-3922

Summary

A memory corruption vulnerability exists in the ANI-parsing functionality of Computerinsel Photoline 20.54. A specially crafted ANI image processed via the application can lead to a stack overflow, overwriting arbitrary data. An attacker can deliver an ANI image to trigger this vulnerability and gain code execution.

Affected Software

VendorProductVersion RangeStatus
ComputerinselComputerinsel PhotolineComputerinsel Photoline 20.54 for OS Xaffected

Weaknesses

  • heap-based buffer overflow

ADP Enrichment

CVE Program Container

Additional References

References