A buffer overflow vulnerability exists in Antenna House’s Rainbow PDF when the software attempts to convert a PowerPoint document. Rainbow PDF has the ability to convert Microsoft Office 97-2016 documents into a PDF. This particular bug arises when the converter incorrectly checks the bounds of a particular function, causing a vtable pointer to be overwritten. This could allow an attacker to overflow the buffer and gain the ability to execute code remotely on the victim machine.
In accordance with our coordinated disclosure policy, Cisco Talos worked with Antenna House to ensure that these issues are resolved and that an update is available for affected customers.
Antenna House Rainbow PDF Office server document converter TxMasterStyleAtom parsing code execution vulnerability (TALOS-2019-0792/CVE-2019-5030)
A buffer overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter, version 7.0 Pro MR1 (7,0,2019,0220). While parsing a document text info container, the TxMasterStyleAtom::parse function is incorrectly checking the bounds corresponding to the number of style levels, causing a vtable pointer to be overwritten, which leads to code execution.
Read the complete vulnerability advisory here for additional information.
Talos tested and confirmed that Rainbow PDF Office Server Document Converter, V7 Pro MR1 for Linux64 (7.0.2019.0220) is affected by this vulnerability.
The fo ..