cert CERTVU:646748
History: Sep 11, 2014 - 12:00 a.m.

Embarcadero Delphi and C++Builder VCL BMP file processing buffer overflow

2014-09-11 00:00:00
www.kb.cert.org
CVSS2: 6.8 Medium

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS: 0.117 Low
Percentile: 95.3%

Overview

Embarcadero Delphi and C++ Builder Visual Component Library (VCL) bitmap (BMP) file processing code contains a buffer overflow that could allow an attacker to execute arbitrary code.

Description

Embarcadero Delphi and C++ Builder tools contain a buffer overflow (CWE-119) in VCL BMP file processing code (Vcl.Graphics.TPicture.Bitmap). Core Security Technologies advisory CORE-2014-0004 provides further details, including more specific information about vulnerable development tools. Any application built with a vulnerable VCL version is likely to be vulnerable as well.


Impact

An attacker who can cause a vulnerable application to process a specially crafted BMP file could execute arbitrary code. Whether or not the attacker is remote or authenticated depends on the interfaces and behavior of the vulnerable application.


Solution

Update

Embarcadero has released a hotfix for XE6-series tools and provided documentation for older tools on how to modify VCL source code.

Rebuild applications

After updating using the hotfix or manually editing the VCL source code, rebuild applications using the updated VCL code.


Vendor Information

Embarcadero Technologies Affected

Notified: July 09, 2014 Updated: September 11, 2014

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

CVSS Metrics

Group Score Vector
Base 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P
Temporal 6.8 E:POC/RL:ND/RC:C
Environmental 5.1 CDP:ND/TD:M/CR:ND/IR:ND/AR:ND

References

Acknowledgements

Thanks to Marcos Accossatto and Joaquín Rodríguez Varela from Core Security Technologies and Mike Devery from Embarcadero.

This document was written by Art Manion.

Other Information

CVE IDs: CVE-2014-0993
Date Public: 2014-08-20 Date First Published:
