Heap-based Buffer Overflow in Pharos PopUp Printer Client v9.0 Allows Remote Code Execution

Heap-based Buffer Overflow in Pharos PopUp Printer Client v9.0 Allows Remote Code Execution

CVE-2017-2785 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

An exploitable buffer overflow exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim's computer and can lead to a heap based buffer overflow resulting in remote code execution. This client is always listening, has root privileges, and requires no user interaction to exploit.

Learn more about our User Device Pen Test.