VYPR
High severity7.8NVD Advisory· Published Sep 13, 2020· Updated Jun 17, 2026

CVE-2020-25291

CVE-2020-25291

Description

GdiDrawHoriLineIAlt in Kingsoft WPS Office before 11.2.0.9403 allows remote heap corruption via a crafted PLTE chunk in PNG data within a Word document. This is related to QBrush::setMatrix in gui/painting/qbrush.cpp in Qt 4.x.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.