These vulnerabilities are discovered by Piotr Bania of Cisco Talos.

Today, Talos is releasing details of multiple vulnerabilities discovered within the Computerinsel GmbH PhotoLine image processing software. PhotoLine, developed by Computerinsel GmbH, is a well established raster and vector graphics editor for Windows and Mac OS X that can also be used for desktop publishing.

TALOS-2017-0387 (CVE-2017-2880). TALOS-2017-0427 (CVE-2017-2920), TALOS-2017-0458 (CVE-2017-12106) and TALOS-2017-0459 (CVE-2017-12107) may allow an attacker to execute arbitrary code remotely on the vulnerable system when a specially crafted image file is opened by the PhotoLine image processing software.



Talos Group

Talos Security Intelligence & Research Group