CVE-2016-4336
Last modified
CVE-2016-4336 is a vulnerability of currently unknown severity. An exploitable out-of-bounds write exists in the Bzip2 parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted Bzip2 document can lead to a stack-based buffer overflow causing an out-of-bounds write which under the right circumstance could potentially be leveraged by an attacker to gain arbitrary code execution.. EPSS estimates a 3.80% chance of exploitation in the next 30 days.
Description
An exploitable out-of-bounds write exists in the Bzip2 parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted Bzip2 document can lead to a stack-based buffer overflow causing an out-of-bounds write which under the right circumstance could potentially be leveraged by an attacker to gain arbitrary code execution.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Lexmark | Perceptive Document Filters | All versions |
References
- http://www.talosintelligence.com/reports/TALOS-2016-0173/Exploit, Technical Description, Third Party Advisory, VDB Entry
- http://www.talosintelligence.com/reports/TALOS-2016-0173/Exploit, Technical Description, Third Party Advisory, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2016-4336?
How severe is CVE-2016-4336?
How do I fix CVE-2016-4336?
Are you affected by CVE-2016-4336?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST