Blog | G5 Cyber Security

Vulnerability Spotlight: Information Disclosure Vulnerability in Lexmark Perceptive Document Filters

Talos are releasing a new vulnerability discovered within the Lexmark Perceptive Document Filters library. TALOS-2017-0302 allows for information disclosure using specifically crafted files. The vulnerability exists in the processing of the IHlink records of Office Art objects embedded in XLS files. The absence of a value sanitization check for variable length fields in a file allows an attacker to create a specially crafted XLS file which causes an arbitrary memory read to steal information from the system.”]

Source: https://blog.talosintelligence.com/2017/04/lexmark-vulnerability.html

Exit mobile version