← volver
CVE-2025-34106

PDF Shaper v3.5/3.6 Buffer Overflow via Convert to Image Feature

CVSS 8.4 HIGHEPSS 0.3%CWE-119CWE-120
Vexday Risk Score
36Atención
Decisión SSVC (CISA)
Attend
PoC disponible → seguir de cerca
CVSS 8.4EPSS 0.3%KEV nãoPoC Nuclei Metasploit simPatch
Ciclo de vida
03 oct 2015Exploit Metasploit disponible
15 jul 2025Publicada en NVD
Recomendación: Planificar corrección próxima — ya existe PoC pública.
A buffer overflow vulnerability exists in PDF Shaper versions 3.5 and 3.6 when converting a crafted PDF file to an image using the 'Convert PDF to Image' functionality. An attacker can exploit this vulnerability by tricking a user into opening a maliciously crafted PDF file, leading to arbitrary code execution under the context of the user. This vulnerability has been verified on Windows XP, 7, 8, and 10 platforms using the PDFTools.exe component.
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Productos afectados
Burnaware · PDF Shaper