Vulnerability has been found in the VCL (Visual Component Library) allowing an attacker to use a specially crafted BMP file that produces a buffer overflow and potentially allows him to execute arbitrary code. The vulnerability was discovered and researched by Marcos Accossatto from the Core Exploits Writers Team. Core Security Technologies recommends those affected use third party software such as Sentinel [3] or EMET [2] that could help to prevent the exploitation of affected systems to some extent. An article from Embarcadero explains the issue and includes a link to the fix [5]”]
Source: https://www.coresecurity.com/core-labs/advisories/delphi-and-c-builder-vcl-library-buffer-overflow