Lucene search

PRIOn knowledge basePRION:CVE-2018-5201

HistoryDec 21, 2018 - 4:29 p.m.

Heap overflow

2018-12-2116:29:00

PRIOn knowledge base

www.prio-n.com

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

5.7 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

22.8%

JSON

Hancom Office 2018 10.0.0.8214 and earlier, Hancom Office NEO 9.6.1.10472 and earlier, Hancom Office 2014 9.1.1.4540 and earlier, Hancom Office 2010 8.5.8.1724 and earlier versions have a heap overflow vulnerability when handling Compound File in document. This result in a program crash or denial of service conditions.

CPENameOperatorVersion
hancom_office_2010le8.5.8.1724
hancom_office_2014le9.1.1.4540
hancom_office_2018le10.0.0.8214
hancom_office_neole9.6.1.10472

Name	Operator	Version
hancom_office_2010	le	8.5.8.1724
hancom_office_2014	le	9.1.1.4540
hancom_office_2018	le	10.0.0.8214
hancom_office_neo	le	9.6.1.10472

References

www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=30116

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

5.7 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

22.8%

JSON

Related for PRION:CVE-2018-5201