CVE-2020-25291

GdiDrawHoriLineIAlt in Kingsoft WPS Office before 11.2.0.9403 allows remote heap corruption via a crafted PLTE chunk in PNG data within a Word document. This is related to QBrush::setMatrix in gui/painting/qbrush.cpp in Qt 4.x.
References
Link Resource
http://zeifan.my/security/rce/heap/2020/09/03/wps-rce-heap.html Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:kingsoft:wps_office:*:*:*:*:*:*:*:*

Information

Published : 2020-09-13 08:15

Updated : 2020-09-17 07:23


NVD link : CVE-2020-25291

Mitre link : CVE-2020-25291

Products Affected
No products.
CWE