Vulnerability Spotlight: Multiple Remote Code Execution Vulnerabilities Within Lexmark Perceptive Document Filters.
Vulnerabilities discovered by Tyler Bohan & Marcin Noga of Cisco Talos.
Talos are today releasing three new vulnerabilities discovered within the Lexmark Perceptive Document Filters library. TALOS-2016-0172, TALOS-2016-0173 and TALOS-2016-0183 allow for a remote code execution using specifically crafted files.
These vulnerabilities are present in the Lexmark Document filter parsing engine which is used across a wide range of services such as eDiscovery, DLP, big data, content management and others. The library is commonly used across these services to allow for the deep inspection of a multitude of file formats to offer conversion capabilities such as from Microsoft document formats into other formats. Lexmark make this library available to compete against other third party and open source libraries used for such activities.
Document conversion represents an important aspect of many businesses as they attempt to move from an unstructured data solution to a more workable structured data solution in order to improve business efficiency.
The three vulnerabilities disclosed today allow for remote code execution using specifically crafted files such as XLS, Bzip2 & Compound Binary File Format (MS-CFB). This can provide an attacker with the capability to perform remote code execution within your environment and potentially offers the adversary full control of the attacked resource.