VWE-2017-4275 Printable Version

https://www.vaultwiki.org/pages/Book/Documentation/VWE-2017-4275
This page is a chapter in Info Known Vulnerabilities

This page has been seen 239,122 times.

- Created by
  pegasus
  on December 2, 2017
  
  Last updated by
  pegasus
  on April 8, 2018

Common Name None
VWE-ID VWE-2017-4275
Related Report #5303
Severity HIGH
Exploit Difficulty NORMAL
Platform Affects all platforms supported by the vulnerable versions.
Description Legal. Inability to parse IPTC segments in certain PNG files. Does not affect Lite versions.

Discovered November 12, 2017
Resolved December 1, 2017
Patches Available 4.0.20 Patch Level 1
4.0.19 Patch Level 4
4.0.18 Patch Level 5
4.0.17 Patch Level 7
4.0.16 Patch Level 8
4.0.15 Patch Level 12
The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.

Notes
It is worth noting that neither vBulletin nor XenForo developers consider IPTC issues as bugs.

Common Name	None
VWE-ID	VWE-2017-4275
Related Report	#5303
Severity	HIGH
Exploit Difficulty	NORMAL
Platform	Affects all platforms supported by the vulnerable versions.
Description	Legal. Inability to parse IPTC segments in certain PNG files. Does not affect Lite versions.
Discovered	November 12, 2017
Resolved	December 1, 2017
Patches Available	4.0.20 Patch Level 1 4.0.19 Patch Level 4 4.0.18 Patch Level 5 4.0.17 Patch Level 7 4.0.16 Patch Level 8 4.0.15 Patch Level 12