Hancom Office '.hml' File Processing Heap Buffer Overflow Vulnerability

2013-12-19T00:00:00
ID EDB-ID:38910
Type exploitdb
Reporter diroverflow
Modified 2013-12-19T00:00:00

Description

Hancom Office '.hml' File Processing Heap Buffer Overflow Vulnerability. CVE-2013-7420. Remote exploit for windows platform

                                        
                                            source: http://www.securityfocus.com/bid/64499/info

Hancom Office is prone to a remote heap-based buffer-overflow vulnerability.

An attacker can exploit this issue by enticing an unsuspecting victim to open a malicious '.hml' document file.

Successful exploits will result in the execution of arbitrary code in the context of the affected application. Failed exploit attempts may result in a denial-of-service condition.

Hancom Office 2010 SE 8.5.8 is vulnerable; Other versions may also be affected. 

<TEXTART Text="AAAAAAAA...(more than 500 bytes)" X0="0" X1="14173" X2="14173" X3="0" Y0="0" Y1="0" Y2="14173" Y3="14173">