exploitDog

CVE-2020-25291

Опубликовано: 13 сент. 2020

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Низкий

Описание

GdiDrawHoriLineIAlt in Kingsoft WPS Office before 11.2.0.9403 allows remote heap corruption via a crafted PLTE chunk in PNG data within a Word document. This is related to QBrush::setMatrix in gui/painting/qbrush.cpp in Qt 4.x.

Ссылки

http://zeifan.my/security/rce/heap/2020/09/03/wps-rce-heap.html
Exploit
Third Party Advisory
http://zeifan.my/security/rce/heap/2020/09/03/wps-rce-heap.html
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:kingsoft:wps_office:*:*:*:*:*:*:*:*

Версия до 11.2.0.9403 (исключая)

EPSS

Процентиль: 78%

0.0115

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

GHSA-2ppg-66j5-9h8g

github

больше 3 лет назад

GdiDrawHoriLineIAlt in Kingsoft WPS Office before 11.2.0.9403 allows remote heap corruption via a crafted PLTE chunk in PNG data within a Word document. This is related to QBrush::setMatrix in gui/painting/qbrush.cpp in Qt 4.x.

EPSS

Процентиль: 78%

0.0115

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-787