Vulnerabilities > CVE-2020-25291 - Out-of-bounds Write vulnerability in Kingsoft WPS Office
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
GdiDrawHoriLineIAlt in Kingsoft WPS Office before 11.2.0.9403 allows remote heap corruption via a crafted PLTE chunk in PNG data within a Word document. This is related to QBrush::setMatrix in gui/painting/qbrush.cpp in Qt 4.x.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |