Arbitrary Address Execution via OOB Read Vulnerability in libswmfextractor.so

Arbitrary Address Execution via OOB Read Vulnerability in libswmfextractor.so

CVE-2021-25456 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

OOB read vulnerability in libswmfextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to execute memcpy at arbitrary address via forged wmf file.

Learn more about our Web Application Penetration Testing UK.