CVE-2020-25291

Publication date

2020-09-13 19:35:09

Family

mitre

State

PUBLISHED

Description

GdiDrawHoriLineIAlt in Kingsoft WPS Office before 11.2.0.9403 allows remote heap corruption via a crafted PLTE chunk in PNG data within a Word document. This is related to QBrush::setMatrix in gui/painting/qbrush.cpp in Qt 4.x.