Lucene search
K

322 matches found

Positive Technologies
Positive Technologies
added 2023/09/26 12:0 a.m.6 views

PT-2023-23864 · Hancom · Hancom Office 2020 Hword

Name of the Vulnerable Software and Affected Versions: Hancom Office 2020 HWord version 11.0.0.7520 Description: A use-after-free issue exists in the footerr functionality. This can be triggered by a specially crafted .doc file, potentially allowing an attacker to exploit the vulnerability by...

8.8CVSS7.7AI score0.00655EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/09/26 12:0 a.m.13 views

Hancom Office Resource Management Error Vulnerability

Hancom Office is a mobile office program from the Korean company Hancom. The program supports viewing and editing documents in multiple formats. A resource management error vulnerability exists in Hancom Office version 2020 HWord 11.0.0.7520, which stems from a security issue in the footer...

8.8CVSS6.7AI score0.00655EPSS
Exploits1References3
Talos
Talos
added 2023/09/26 12:0 a.m.32 views

Hancom Office 2020 HWord footerr use-after-free vulnerability

Talos Vulnerability Report TALOS-2023-1759 Hancom Office 2020 HWord footerr use-after-free vulnerability September 26, 2023 CVE Number CVE-2023-32541 SUMMARY A use-after-free vulnerability exists in the footerr functionality of Hancom Office 2020 HWord 11.0.0.7520. A specially crafted .doc file c...

8.8CVSS8.4AI score0.00655EPSS
Exploits1
The Hacker News
The Hacker News
added 2022/10/26 3:50 p.m.70 views

Kimsuky Hackers Spotted Using 3 New Android Malware to Target South Koreans

The North Korean espionage-focused actor known as Kimsuky has been observed using three different Android malware strains to target users located in its southern counterpart. That's according to findings from South Korean cybersecurity company S2W, which named the malware families FastFire,...

1.5AI score
Exploits0
NVD
NVD
added 2022/10/07 3:15 p.m.36 views

CVE-2022-33896

A buffer underflow vulnerability exists in the way Hword of Hancom Office 2020 version 11.0.0.5357 parses XML-based office files. A specially-crafted malformed file can cause memory corruption by using memory before buffer start, which can lead to code execution. A victim would need to access a...

7.8CVSS0.00499EPSS
Exploits1References1
OSV
OSV
added 2022/10/07 3:15 p.m.5 views

CVE-2022-33896

A buffer underflow vulnerability exists in the way Hword of Hancom Office 2020 version 11.0.0.5357 parses XML-based office files. A specially-crafted malformed file can cause memory corruption by using memory before buffer start, which can lead to code execution. A victim would need to access a...

7.8CVSS6.1AI score0.00499EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/10/07 3:5 p.m.36 views

CVE-2022-33896

A buffer underflow vulnerability exists in the way Hword of Hancom Office 2020 version 11.0.0.5357 parses XML-based office files. A specially-crafted malformed file can cause memory corruption by using memory before buffer start, which can lead to code execution. A victim would need to access a...

7.8CVSS8.2AI score0.00499EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2022/10/07 3:5 p.m.8 views

CVE-2022-33896

A buffer underflow vulnerability exists in the way Hword of Hancom Office 2020 version 11.0.0.5357 parses XML-based office files. A specially-crafted malformed file can cause memory corruption by using memory before buffer start, which can lead to code execution. A victim would need to access a...

7.8CVSS8AI score0.00499EPSS
Exploits1References1
CVE
CVE
added 2022/10/07 3:5 p.m.75 views

CVE-2022-33896

Hancom Office 2020 (Hword) vulnerability CVE-2022-33896 is a heap/buffer underflow in Hword when parsing XML-based documents. A specially crafted malicious .docx can trigger memory corruption by using memory before the allocation, potentially enabling arbitrary code execution. Affected version: H...

7.8CVSS7.9AI score0.00499EPSS
In wildExploits1References1Affected Software1
Talos Blog
Talos Blog
added 2022/10/07 2:11 p.m.28 views

Vulnerability Spotlight: Issue in Hancom Office 2020 could lead to code execution

Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an exploitable memory corruption vulnerability in Hancom Office 2020. Hancom Office is a popular software collection among South Korean users that offers similar products to...

0.9AI score0.00499EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2022/10/07 12:0 a.m.4 views

PT-2022-21893 · Hancom · Hancom Office 2020

Name of the Vulnerable Software and Affected Versions: Hancom Office 2020 version 11.0.0.5357 Description: A buffer underflow issue exists in the way Hword of Hancom Office 2020 parses XML-based office files. This can be triggered by a specially-crafted malformed file, causing memory corruption b...

7.8CVSS7.8AI score0.00499EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/10/04 12:0 a.m.5 views

Hancom Office 安全漏洞

Hancom Office is a mobile office program from the Korean company Hancom. The program supports viewing and editing documents in multiple formats. A security vulnerability exists in Hancom Office 2020, which originates from a buffer overflow in Hword when parsing XML-based office documents...

7.8CVSS7.6AI score0.00499EPSS
Exploits1References3
Talos
Talos
added 2022/10/04 12:0 a.m.31 views

Hancom Office 2020 Hword Docx XML parsing heap underflow vulnerability

Talos Vulnerability Report TALOS-2022-1574 Hancom Office 2020 Hword Docx XML parsing heap underflow vulnerability October 4, 2022 CVE Number CVE-2022-33896 SUMMARY A buffer underflow vulnerability exists in the way Hword of Hancom Office 2020 version 11.0.0.5357 parses XML-based office files. A...

7.8CVSS8AI score0.00499EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2022/02/25 12:0 a.m.7 views

The vulnerability of the Hword function (HwordApp.dll) in the Hancom Office software package allows a perpetrator to execute arbitrary code.

The vulnerability of the Hword function HwordApp.dll in the Hancom Office software package is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

7.8CVSS7.8AI score0.011EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/02/16 5:15 p.m.3 views

CVE-2021-21958

A heap-based buffer overflow vulnerability exists in the Hword HwordApp.dll functionality of Hancom Office 2020 11.0.0.2353. A specially-crafted malformed file can lead to memory corruption and potential arbitrary code execution. An attacker can provide a malicious file to trigger this...

7.8CVSS7.5AI score
Exploits0References2
Prion
Prion
added 2022/02/16 5:15 p.m.15 views

Heap overflow

A heap-based buffer overflow vulnerability exists in the Hword HwordApp.dll functionality of Hancom Office 2020 11.0.0.2353. A specially-crafted malformed file can lead to memory corruption and potential arbitrary code execution. An attacker can provide a malicious file to trigger this...

6.8CVSS8.1AI score0.011EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2022/02/16 4:38 p.m.85 views

CVE-2021-21958

CVE-2021-21958 is a confirmed heap-based buffer overflow affecting Hancom Office 2020 11.0.0.2353, specifically in the HwordApp.dll. The TALOS writeup documents that the vulnerability arises when processing a specially crafted file, leading to memory corruption and potential arbitrary code execut...

7.8CVSS8.1AI score0.011EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/02/16 4:38 p.m.33 views

CVE-2021-21958

A heap-based buffer overflow vulnerability exists in the Hword HwordApp.dll functionality of Hancom Office 2020 11.0.0.2353. A specially-crafted malformed file can lead to memory corruption and potential arbitrary code execution. An attacker can provide a malicious file to trigger this...

7.8CVSS8.3AI score0.011EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2022/02/16 4:38 p.m.5 views

CVE-2021-21958

A heap-based buffer overflow vulnerability exists in the Hword HwordApp.dll functionality of Hancom Office 2020 11.0.0.2353. A specially-crafted malformed file can lead to memory corruption and potential arbitrary code execution. An attacker can provide a malicious file to trigger this...

7.8CVSS8.3AI score0.011EPSS
Exploits1References1
Talos Blog
Talos Blog
added 2022/02/16 11:15 a.m.13 views

Vulnerability Spotlight: Vulnerability in Hancom Office could lead to memory corruption, code execution

Marcin “Icewall” Noga of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered a vulnerability in Hancom Office — a popular software suite in South Korea — that could allow an attacker to corrupt memory on the targeted machine or execute remote... This...

1.6AI score
Exploits0
Rows per page
Query Builder