Vulnerability on SaveAsPDF() method Fixed

Changelogs, news, and special event announcements.
User avatar
Site Admin
Posts: 5871
Joined: Tue Oct 17, 2006 10:48 pm
Location: France

Vulnerability on SaveAsPDF() method Fixed

Post by Loïc » Sat Oct 04, 2008 12:52 pm

To all GdPicture Toolkits users:

On 1 October 2008, a vulnerability has been identified in some GdPicture Toolkits, which could be exploited by remote attackers to take complete control of an affected system. This issue is caused by GdPicture ActiveX controls including the SaveAsPDF() method which could be exploited by attackers to create malicious files on a vulnerable system and execute arbitrary code by tricking a user into visiting a specially crafted web page.

This error has been fixed the 2 October 2008.

The GdPicture Toolkits which included this vulnerability are:

- GdPicture Light Imaging Toolkit
- GdPicture Pro Imaging SDK
- GdTwain ActiveX
- GdTwain Pro SDK

Fixed edition of these Toolkits can be download for free from this link:

More informations about this vulnerability from: ... e=threaded

Best regards,

Loïc Carrère


Who is online

Users browsing this forum: No registered users and 0 guests