Embarcadero · Embarcadero Delphi Xe6 · CVE-2014-0993
**Name of the Vulnerable Software and Affected Versions**
Embarcadero Delphi XE6 version 20.0.15596.9843
C++ Builder XE6 version 20.0.15596.9843
**Description**
The issue is related to a buffer overflow in the Vcl.Graphics.TPicture.Bitmap implementation. This allows remote attackers to execute arbitrary code via a crafted BMP file.
**Recommendations**
For Embarcadero Delphi XE6 version 20.0.15596.9843, consider avoiding the use of the Vcl.Graphics.TPicture.Bitmap implementation until a patch is available.
For C++ Builder XE6 version 20.0.15596.9843, consider avoiding the use of the Vcl.Graphics.TPicture.Bitmap implementation until a patch is available.