Computer Security
[EN] securityvulns.ru no-pyccku


Embarcadero Delphi / C++ Builder VCL library buffer overflow
Published:15.10.2014
Source:
SecurityVulns ID:14021
Type:library
Threat Level:
5/10
Description:Buffer overflow on BMP parsing.
Affected:EMBARCADERO : C++Builder XE6
 EMBARCADERO : Delphi XE6
CVE:CVE-2014-0994 (Heap-based buffer overflow in the ReadDIB function in the Vcl.Graphics.TPicture.Bitmap implementation in the Visual Component Library (VCL) in Embarcadero Delphi XE6 20.0.15596.9843 and C++ Builder XE6 20.0.15596.9843 allows context-dependent attackers to execute arbitrary code via the BITMAPINFOHEADER.biClrUsed field in a BMP file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0993.)
Original documentdocumentCORE SECURITY TECHNOLOGIES ADVISORIES, [CORE-2014-0006] - Delphi and C++ Builder VCL library Heap Buffer Overflow (15.10.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod