3 matches found
Microsoft Word DOCX Parsing Use-After-Free Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...
Memory out-of-bounds vulnerability in WPS Text (CNVD-2017-33980)
WPS office is an office software suite independently developed by Kingsoft Corporation. A memory out-of-bounds vulnerability exists in WPS text wps.exe in WPS when parsing a specific docx file, which can be exploited by an attacker to cause a denial of service or code execution...
WPS-Text has XXE vulnerability in docx parsing
WPS-Text is an office software. WPS-Text suffers from an XXE vulnerability in docx parsing. This allows attackers to exploit the vulnerability to cause the disclosure of sensitive user information as well as a DoS Denial of Service on the user's system...