This vulnerability is an instance of a memory corruption vulnerability in AES module. The vulnerability is caused by a crafted PDF file that contains malformed AES key data. It causes an out of bounds memory access, which sometimes triggers access violation exception. Attackers can exploit the vulnerability by using the out of bounds access for unintended reads, writes or frees potentially leading to code corruption, control-flow hijack, or information leak attack. |