Vulnerability Description
A buffer overflow vulnerability exists in PDF Shaper versions 3.5 and 3.6 when converting a crafted PDF file to an image using the 'Convert PDF to Image' functionality. An attacker can exploit this vulnerability by tricking a user into opening a maliciously crafted PDF file, leading to arbitrary code execution under the context of the user. This vulnerability has been verified on Windows XP, 7, 8, and 10 platforms using the PDFTools.exe component.
Related Weaknesses (CWE)
References
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exp
- https://vulners.com/vulnerlab/VULNERABLE:1579
- https://www.exploit-db.com/exploits/37760
- https://www.pdfshaper.com/
- https://www.vulncheck.com/advisories/pdf-shaper-buffer-overflow-via-convert-to-i
FAQ
What is CVE-2025-34106?
CVE-2025-34106 is a documented vulnerability. A buffer overflow vulnerability exists in PDF Shaper versions 3.5 and 3.6 when converting a crafted PDF file to an image using the 'Convert PDF to Image' functionality. An attacker can exploit this vu...
How severe is CVE-2025-34106?
CVSS scoring is not yet available for CVE-2025-34106. Check NVD for updates.
Is there a patch for CVE-2025-34106?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.