Skip to main content

CVE-2025-34106: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer in Burnaware PDF Shaper

High
VulnerabilityCVE-2025-34106cvecve-2025-34106cwe-119cwe-120
Published: Tue Jul 15 2025 (07/15/2025, 13:05:49 UTC)
Source: CVE Database V5
Vendor/Project: Burnaware
Product: PDF Shaper

Description

A buffer overflow vulnerability exists in PDF Shaper versions 3.5 and 3.6 when converting a crafted PDF file to an image using the 'Convert PDF to Image' functionality. An attacker can exploit this vulnerability by tricking a user into opening a maliciously crafted PDF file, leading to arbitrary code execution under the context of the user. This vulnerability has been verified on Windows XP, 7, 8, and 10 platforms using the PDFTools.exe component.

AI-Powered Analysis

AILast updated: 07/15/2025, 13:33:13 UTC

Technical Analysis

CVE-2025-34106 is a high-severity buffer overflow vulnerability identified in Burnaware's PDF Shaper software, specifically versions 3.5 and 3.6. The flaw exists within the 'Convert PDF to Image' functionality, where processing a specially crafted PDF file can cause improper restriction of operations within the bounds of a memory buffer (CWE-119). This vulnerability allows an attacker to execute arbitrary code under the context of the logged-in user by tricking them into opening a malicious PDF file. The vulnerability has been confirmed on multiple Windows platforms including XP, 7, 8, and 10, and involves the PDFTools.exe component. The CVSS 4.0 base score of 8.4 reflects a high impact, with the vector indicating local attack vector (AV:L), low attack complexity (AC:L), no privileges required (PR:N), but user interaction is necessary (UI:A). The vulnerability impacts confidentiality, integrity, and availability with high scope and impact metrics, meaning successful exploitation could lead to full system compromise or data breach. No known exploits are currently reported in the wild, and no official patches have been published yet. The vulnerability is related to common memory safety issues (CWE-119 and CWE-120), which are often exploited for remote code execution or privilege escalation. Given the nature of the flaw, attackers would likely rely on social engineering to convince users to open malicious PDFs, making user awareness and endpoint protections critical.

Potential Impact

For European organizations, this vulnerability poses a significant risk, especially those relying on PDF Shaper for document processing or conversion tasks. Exploitation could lead to arbitrary code execution, enabling attackers to deploy malware, ransomware, or conduct espionage by gaining unauthorized access to sensitive data. The impact is particularly severe for organizations handling confidential or regulated data, such as financial institutions, healthcare providers, and government agencies. Since the vulnerability requires user interaction but no privileges, it can be exploited in environments where users have standard permissions, potentially leading to lateral movement within networks. The presence of affected Windows versions including legacy systems like Windows XP and 7 increases risk in organizations with outdated infrastructure. The lack of patches means organizations must rely on interim mitigations, increasing exposure duration. Additionally, the high confidentiality and integrity impact could result in data breaches, regulatory fines under GDPR, and reputational damage.

Mitigation Recommendations

1. Immediate mitigation should include disabling or restricting the use of the 'Convert PDF to Image' functionality in PDF Shaper until a patch is available. 2. Implement strict email filtering and attachment scanning to block or quarantine suspicious PDF files, especially those originating from untrusted sources. 3. Deploy endpoint protection solutions with behavior-based detection capable of identifying exploitation attempts related to buffer overflows and arbitrary code execution. 4. Educate users on the risks of opening unsolicited or unexpected PDF attachments, emphasizing caution with document conversion tools. 5. Where possible, upgrade or replace PDF Shaper with alternative software that is not affected by this vulnerability or ensure usage of updated versions once patches are released. 6. Employ application whitelisting and privilege restrictions to limit the execution context of PDFTools.exe, reducing the potential impact of exploitation. 7. Monitor logs and network traffic for unusual activity indicative of exploitation attempts. 8. Maintain up-to-date backups and incident response plans to quickly recover from potential compromises.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
VulnCheck
Date Reserved
2025-04-15T19:15:22.559Z
Cvss Version
4.0
State
PUBLISHED

Threat ID: 687654a5a83201eaaccea505

Added to database: 7/15/2025, 1:16:21 PM

Last enriched: 7/15/2025, 1:33:13 PM

Last updated: 8/6/2025, 10:19:42 AM

Views: 11

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats