CVE-2018-17141

Published: Sep 21, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData() in the faxd/CopyQuality.c++ file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[debian-lts-announce] 20180922 [SECURITY] [DLA 1515-1] hylafax security update

mailing-list

x_refsource_MLIST

20180919 X41 D-Sec GmbH Security Advisory X41-2018-008: Multiple Vulnerabilities in HylaFAX

mailing-list

x_refsource_BUGTRAQ

http://git.hylafax.org/HylaFAX?a=commit%3Bh=c6cac8d8cd0dbe313689ba77023e12bc5b3027be

x_refsource_CONFIRM

https://www.x41-dsec.de/lab/advisories/x41-2018-008-hylafax/

x_refsource_MISC

DSA-4298

vendor-advisory

x_refsource_DEBIAN

[oss-security] 20180920 X41 D-Sec GmbH Security Advisory X41-2018-008: Multiple Vulnerabilities in HylaFAX

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-17141

Description

Affected Products

References