This vulnerability is an instance of a memory corruption vulnerability in Product Representation Compact (PRC) format parser. PRC is a 3D file format used to store 3D representation of objects in a file. The vulnerability is caused by a crafted PDF file containing PRC encoded streams which causes an out of bounds memory access when accessing internal array during b-spline processing. It triggers access violation exception. Attackers can exploit the vulnerability by using the out of bounds access for unintended reads, writes or frees potentially leading to code corruption, control-flow hijack, or information leak attack. |