CVE-2020-25291

HIGH

Kingsoft WPS Office < 11.2.0.9403 - Remote Heap Corruption via Crafted PLTE Chunk in PNG Data

Title source: llm
STIX 2.1

Description

GdiDrawHoriLineIAlt in Kingsoft WPS Office before 11.2.0.9403 allows remote heap corruption via a crafted PLTE chunk in PNG data within a Word document. This is related to QBrush::setMatrix in gui/painting/qbrush.cpp in Qt 4.x.

References (1)

Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
http://zeifan.my/security/rce/heap/2020/09/03/wps-rce-heap.html

Scores

CVSS v3 7.8
EPSS 0.0162
EPSS Percentile 73.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (1)
kingsoft/wps_office < 11.2.0.9403
Published Sep 13, 2020
Tracked Since Feb 18, 2026