CVE-2025-34106
Published: 15 July 2025
Summary
CVE-2025-34106 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability. Its CVSS base score is 8.4 (High).
Operationally, ranked in the top 4.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
A buffer overflow vulnerability exists in PDF Shaper versions 3.5 and 3.6 within the PDFTools.exe component during use of the Convert PDF to Image feature. The flaw, tracked under CWE-119 and CWE-120, occurs when processing a specially crafted PDF file and has been confirmed on Windows XP, 7, 8, and 10.
An unauthenticated attacker can exploit the issue by supplying a malicious PDF and convincing a user to open it with the affected software. Successful exploitation grants arbitrary code execution in the context of the logged-in user, corresponding to the CVSS 8.4 rating that reflects local attack vector, low complexity, and high impact on confidentiality, integrity, and availability.
Public exploit code is available, including a Metasploit module and an entry on Exploit-DB, along with an advisory from VulnCheck that documents the buffer overflow via the convert-to-image feature. The EPSS score stands at 0.2172 with no material change from its recorded peak.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-21428
Vulnerability details
A buffer overflow vulnerability exists in PDF Shaper versions 3.5 and 3.6 when converting a crafted PDF file to an image using the 'Convert PDF to Image' functionality. An attacker can exploit this vulnerability by tricking a user into opening…
more
a maliciously crafted PDF file, leading to arbitrary code execution under the context of the user. This vulnerability has been verified on Windows XP, 7, 8, and 10 platforms using the PDFTools.exe component.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Managed runtimes used by platform-independent applications (e.g., JVM, CLR) enforce memory safety, preventing most buffer overflows that require direct memory manipulation.
Ongoing control assessments and code testing (static/dynamic analysis, fuzzing) surface memory buffer restriction failures, which are then remediated before release.
Memory protections (e.g., W^X, ASLR) make exploitation of buffer-boundary violations far harder to turn into code execution.
Detects exploitation attempts that produce memory corruption, crashes, or anomalous behavior.