10 new vulnerabilities disclosed by Talos, including use-after-free issue in Google Chrome

Cisco Talos disclosed 10 vulnerabilities over the past two weeks affecting a range of software, including the popular Google Chrome web browser. Attackers could exploit these vulnerabilities to carry out a variety of attacks, in some cases gaining the ability to execute remote code on the targete...

Design/Logic Flaw

A use-after-free vulnerability exists in the footerr functionality of Hancom Office 2020 HWord 11.0.0.7520. A specially crafted .doc file can lead to a use-after-free. An attacker can trick a user into opening a malformed file to trigger this vulnerability...

CVE-2023-32541

A use-after-free vulnerability exists in the footerr functionality of Hancom Office 2020 HWord 11.0.0.7520. A specially crafted .doc file can lead to a use-after-free. An attacker can trick a user into opening a malformed file to trigger this vulnerability...

CVE-2023-32541

CVE-2023-32541 is a use-after-free in Hancom Office 2020 HWord 11.0.0.7520 (footerr feature). Talos details show the vulnerability arises when parsing a malformed .doc with multiple footerr entries, causing a heap object to be allocated and freed, then reused via a deallocated pointer (use-after-...

Hancom Office 2020 HWord footerr use-after-free vulnerability

Talos Vulnerability Report TALOS-2023-1759 Hancom Office 2020 HWord footerr use-after-free vulnerability September 26, 2023 CVE Number CVE-2023-32541 SUMMARY A use-after-free vulnerability exists in the footerr functionality of Hancom Office 2020 HWord 11.0.0.7520. A specially crafted .doc file c...

PT-2023-23864 · Hancom · Hancom Office 2020 Hword

Name of the Vulnerable Software and Affected Versions: Hancom Office 2020 HWord version 11.0.0.7520 Description: A use-after-free issue exists in the footerr functionality. This can be triggered by a specially crafted .doc file, potentially allowing an attacker to exploit the vulnerability by...

Hancom Office Resource Management Error Vulnerability

Hancom Office is a mobile office program from the Korean company Hancom. The program supports viewing and editing documents in multiple formats. A resource management error vulnerability exists in Hancom Office version 2020 HWord 11.0.0.7520, which stems from a security issue in the footer...

CVE-2022-33896

A buffer underflow vulnerability exists in the way Hword of Hancom Office 2020 version 11.0.0.5357 parses XML-based office files. A specially-crafted malformed file can cause memory corruption by using memory before buffer start, which can lead to code execution. A victim would need to access a...

Hancom Office 安全漏洞

Hancom Office is a mobile office program from the Korean company Hancom. The program supports viewing and editing documents in multiple formats. A security vulnerability exists in Hancom Office 2020, which originates from a buffer overflow in Hword when parsing XML-based office documents...

Hancom Office 2020 Hword Docx XML parsing heap underflow vulnerability

Talos Vulnerability Report TALOS-2022-1574 Hancom Office 2020 Hword Docx XML parsing heap underflow vulnerability October 4, 2022 CVE Number CVE-2022-33896 SUMMARY A buffer underflow vulnerability exists in the way Hword of Hancom Office 2020 version 11.0.0.5357 parses XML-based office files. A...

Hancom Office 2020 Hword HwordApp.dll SectorLoc heap-based buffer overflow

Summary A heap-based buffer overflow vulnerability exists in the Hword HwordApp.dll functionality of Hancom Office 2020 11.0.0.2353. A specially-crafted malformed file can lead to memory corruption and potential arbitrary code execution. An attacker can provide a malicious file to trigger this...

Hancom Office HwordApp.dll Library tfo_common Component Resource Management Error Vulnerability

Hancom Office is a mobile office program from the Korean company Hancom. The program supports viewing and editing documents in many formats. hncbd90 is one of the hncbd90 libraries. A resource management error vulnerability exists in the tfocommon component of the HwordApp.dll library in Hancom...