Stack-based buffer overflow in the ReadFile function in flt_BMP.dll in Chasys Draw IES before 4.11.02 allows remote attackers to execute arbitrary code via crafted biPlanes and biBitCount fields in a BMP file.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| jpchacha | chasys_draw_ies | 4.06.02 |
| jpchacha | chasys_draw_ies | 4.01.01 |
| jpchacha | chasys_draw_ies | 4.00.01 |
| jpchacha | chasys_draw_ies | 4.02.01 |
| jpchacha | chasys_draw_ies | 4.03.02 |
| jpchacha | chasys_draw_ies | * |
| jpchacha | chasys_draw_ies | 4.04.01 |