HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote malicious users to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData() in the faxd/CopyQuality.c++ file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
debian debian linux 8.0 |
||
debian debian linux 9.0 |
||
hylafax hylafax\\+ 5.6.0 |
||
hylafax hylafax 6.0.6 |