Lucene search

[email protected]CVE-2018-7546

HistoryJul 18, 2018 - 4:29 p.m.

CVE-2018-7546

2018-07-1816:29:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2018-7546

kingsoft wps office

jinshan pdf

denial of service

remote attackers

crafted pdf file

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

5.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.5%

JSON

wpsmain.dll in Kingsoft WPS Office 2016 and Jinshan PDF 10.1.0.6621 allows remote attackers to cause a denial of service via a crafted pdf file.

Affected configurations

NVD

Node

kingsoftjinshan_pdfMatch10.1.0.6621

kingsoftwps_officeMatch2016

CPENameOperatorVersion
kingsoft:jinshan_pdfkingsoft jinshan pdfeq10.1.0.6621
kingsoft:wps_officekingsoft wps officeeq2016

CPE	Name	Operator	Version
kingsoft:jinshan_pdf	kingsoft jinshan pdf	eq	10.1.0.6621
kingsoft:wps_office	kingsoft wps office	eq	2016

References

www.cnvd.org.cn/flaw/show/CNVD-2018-04657

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

5.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.5%

JSON

Related for CVE-2018-7546

nvd1 prion1 cvelist1