Investintech Able2Extract Professional 14.0.7 x64 Out-of-bounds Write Vulnerability


An exploitable memory corruption vulnerability exists in Investintech Able2Extract Professional 14.0.7 x64. A specially crafted BMP file can cause an out-of-bounds memory write.






The information has been provided by Piotr Bania

The original article can be found at:


Allowing a potential attacker to execute arbitrary code on the victim machine. It can trigger this vulnerability by sending the user a specially crafted BMP file.


Vulnerable Systems:

Able2Extract Professional 14.0.7 x64 


CVE Information:



Disclosure Timeline:
Published Date:11/5/2019