CVE-2020-25291
HIGHKingsoft WPS Office < 11.2.0.9403 - Remote Heap Corruption via Crafted PLTE Chunk in PNG Data
Title source: llmDescription
GdiDrawHoriLineIAlt in Kingsoft WPS Office before 11.2.0.9403 allows remote heap corruption via a crafted PLTE chunk in PNG data within a Word document. This is related to QBrush::setMatrix in gui/painting/qbrush.cpp in Qt 4.x.
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
http://zeifan.my/security/rce/heap/2020/09/03/wps-rce-heap.html
Scores
CVSS v3
7.8
EPSS
0.0162
EPSS Percentile
73.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-787
Status
published
Products (1)
kingsoft/wps_office
< 11.2.0.9403
Published
Sep 13, 2020
Tracked Since
Feb 18, 2026