Computer Security
[EN] no-pyccku

Hancom Office memory corruption
SecurityVulns ID:14398
Threat Level:
Description:Memory corruption on document parsing.
Affected:HANCOM : Hancom Office Hwp 2014
CVE:CVE-2015-2810 (Integer overflow in the HwpApp::CHncSDS_Manager function in Hancom Office HanWord processor, as used in Hwp 2014 VP before, HanWord Viewer 2007 and Viewer 2010, and HwpViewer 2014 VP, allows remote attackers to cause a denial of service (crash) and possibly "influence the program's execution flow" via a document with a large paragraph size, which triggers heap corruption.)
Original documentdocumentDaniel Regalado, [CVE-2015-2810] Integer Overflow leading to heap corruption when assigning a long paragraph size value to a HanWord document (17.04.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod