
CVE-2014-0993

Published: 15/09/2014 Updated: 16/09/2014
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 606
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Buffer overflow in the Vcl.Graphics.TPicture.Bitmap implementation in the Visual Component Library (VCL) in Embarcadero Delphi XE6 20.0.15596.9843 and C++ Builder XE6 20.0.15596.9843 allows remote malicious users to execute arbitrary code via a crafted BMP file.

Vulnerable Product

embarcadero embarcadero delphi xe6 20.0.15596.9843

embarcadero embarcadero c++builder xe6 20.0.15596.9843

Github Repositories

This is a workaround for CVE-2014-0993 and CVE-2014-0994 that patches in memory without the need to recompile your vulnerable software. This is not the official Embarcadero fix; it is only a CORE Security workaround.

## What is Embarcadero Workaround?

This is an unofficial "patch" for "Embarcadero VCL Library Stack/Heap Overflow" (CVE-2014-0993 and CVE-2014-0994).

## Which Software versions does this workaround support?

32-bit software compiled with Delphi and C++ Builder where the "VCL library" was included, as long as the library is statically linked into the
