Vulnerabilities > CVE-2019-5030 - Out-of-bounds Write vulnerability in Antennahouse Rainbow PDF Office Server Document Converter 7.0.2019.0220
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
A buffer overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter V7.0 Pro MR1 (7,0,2019,0220). While parsing a document text info container, the TxMasterStyleAtom::parse function is incorrectly checking the bounds corresponding to the number of style levels, causing a vtable pointer to be overwritten, which leads to code execution.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
Talos
id | TALOS-2019-0792 |
last seen | 2019-11-07 |
published | 2019-05-14 |
reporter | Talos Intelligence |
source | http://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0792 |
title | Antenna House Rainbow PDF Office server document converter TxMasterStyleAtom parsing code execution vulnerability |