CyberSec.Space Logo
Back to CVE Browser

CVE-2017-2785

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1480%
EPSS Percentile2.55th
PublishedMar 10, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

An exploitable buffer overflow exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim's computer and can lead to a heap based buffer overflow resulting in remote code execution. This client is always listening, has root privileges, and requires no user interaction to exploit.

Affected Platforms (CPE)

πŸ“¦
Pharos

Popup

= 9.0

References & Advisories

πŸ”— http://www.securityfocus.com/bid/96742
πŸ”— http://www.talosintelligence.com/reports/TALOS-2017-0280/
πŸ”— http://www.securityfocus.com/bid/96742
πŸ”— http://www.talosintelligence.com/reports/TALOS-2017-0280/

Related Vulnerabilities

CVE-2017-278810.0

A buffer overflows exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet ...

CVE-2004-128010.0

The gui_popup_view_fly function in gui_tview_popup.c for junkie 0.3.1 allows remote malicious FTP servers to execute arbitrary com...

CVE-2020-90069.8

The Popup Builder plugin 2.2.8 through 2.6.7.6 for WordPress is vulnerable to SQL injection (in the sgImportPopups function in sg_...

CVE-2019-146959.8

A SQL injection vulnerability exists in the Sygnoos Popup Builder plugin before 3.45 for WordPress. Successful exploitation of thi...