Researchers found serious flaws in Investintech’s Able2Extract Professional tool that could be exploited to execute arbitrary code using specially crafted image files.
The Able2Extract Professional has over 250,000 licensed users across 135 countries, it allows them to view, convert and edit PDF files.
Cisco Talos experts discovered two high-severity memory corruption vulnerabilities that can be exploited to execute arbitrary code on the targeted machine.
“Cisco Talos recently discovered two remote code execution vulnerabilities in Investintech’s Able2Extract Professional. This software is a cross-platform PDF tool for Windows, Mac and Linux that converts PDFs and allows users to create and edit them.” reads the advisory published by Talos. “An attacker could exploit these vulnerabilities to execute arbitrary code on the victim machine.”
The vulnerabilities, tracked as CVE-2019-5088 and CVE-2019-5089, can be triggered using specially crafted JPEG or BMP image files. An attacker could trigger an out-of-bounds memory write by tricking users into opening specially crafted image files using Able2Extract Professional.
“An exploitable memory corruption vulnerability exists in Investintech Able2Extract Professional. A specially crafted JPEG file can cause an out-of-bounds memory write, allowing an attacker to execute arbitrary code on the victim machine.” reads the advisory for the CVE-2019-5089. “An attacker could exploit a vulnerability by providing the user with a specially crafted JPEG file.”
The vulnerabilities affect Able2Extract Professional version 14.0.7 x64.
Talos researchers reported the vulnerabilities to Investintech on August 1 and the company released a version to address them on November 1.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.