CVE-2017-2806 MEDIUM

CVE-2017-2806

Vendor Lexmark
Product Perceptive Document Filters
Published April 20, 2017
Last update August 5, 2024

CVSS base score

4.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

An exploitable arbitrary read exists in the XLS parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted XLS document can lead to a arbitrary read resulting in memory disclosure. The vulnerability was confirmed on versions 11.3.0.2228 and 11.3.0.2400

Key dates

02Disclosure timeline

April 20, 2017 CVE published
August 5, 2024 Record updated