Vulnerability Spotlight: Remote code execution bug in Antenna House Rainbow PDF Office document converter

Vulnerability Spotlight: Remote code execution bug in Antenna House Rainbow PDF Office document converter
Emmanuel Tacheau of Cisco Talos discovered this vulnerability.

Executive summary


A buffer overflow vulnerability exists in Antenna House’s Rainbow PDF when the software attempts to convert a PowerPoint document. Rainbow PDF has the ability to convert Microsoft Office 97-2016 documents into a PDF. This particular bug arises when the converter incorrectly checks the bounds of a particular function, causing a vtable pointer to be overwritten. This could allow an attacker to overflow the buffer and gain the ability to execute code remotely on the victim machine.

In accordance with our coordinated disclosure policy, Cisco Talos worked with Antenna House to ensure that these issues are resolved and that an update is available for affected customers.

Vulnerability details


Antenna House Rainbow PDF Office server document converter TxMasterStyleAtom parsing code execution vulnerability (TALOS-2019-0792/CVE-2019-5030)

A buffer overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter, version 7.0 Pro MR1 (7,0,2019,0220). While parsing a document text info container, the TxMasterStyleAtom::parse function is incorrectly checking the bounds corresponding to the number of style levels, causing a vtable pointer to be overwritten, which leads to code execution.

Read the complete vulnerability advisory here for additional information.

Versions tested


Talos tested and confirmed that Rainbow PDF Office Server Document Converter, V7 Pro MR1 for Linux64 (7.0.2019.0220) is affected by this vulnerability.

Coverage


The fo ..

Support the originator by clicking the read the rest link below.