9 matches found
EUVD-2016-5296
Malware in sbrugna...
Heap overflow
Multiple heap-based buffer overflows in the 1 CBookBase::SetDefTableStyle and 2 CBookBase::SetDefPivotStyle functions in Hancom Office 2014 VP allow remote attackers to execute arbitrary code via a crafted Hangul Hcell Document .cell file...
CVE-2016-4293
The CVE-2016-4293 vulnerability affects Hancom Office 2014 VP. It occurs in Hangul Hcell documents when parsing 0x088e records in the Workbook stream: the 0x088e structure exposes table_style_length and pivot_style_length fields (at offsets 0x10 and 0x12) that are used to copy strings into the CB...
CVE-2016-4294
When opening a Hangul Hcell Document .cell and processing a property record within the Workbook stream, Hancom Office 2014 will attempt to allocate space for an element using a length from the file. When copying user-supplied data to this buffer, however, the application will use a different size...
CVE-2016-4295
When opening a Hangul Hcell Document .cell and processing a particular record within the Workbook stream, an index miscalculation leading to a heap overlow can be made to occur in Hancom Office 2014. The vulnerability occurs when processing data for a formula used to render a chart via the...
CVE-2016-4294
When opening a Hangul Hcell Document .cell and processing a property record within the Workbook stream, Hancom Office 2014 will attempt to allocate space for an element using a length from the file. When copying user-supplied data to this buffer, however, the application will use a different size...
Out-of-bounds
When opening a Hangul Hcell Document .cell and processing a record that uses the CSSValFormat object, Hancom Office 2014 will search for an underscore "" character at the end of the string and write a null terminator after it. If the character is at the very end of the string, the application wil...
CVE-2016-4294
CVE-2016-4294 : Concrete heap-based buffer overflow in Hancom Hangul HCell OfficeArt handling. The vulnerability arises when parsing OfficeArtFOPT/OfficeArtSpContainer sub-records (pVertices and pSegmentInfo) in the Workbook stream. An IMsoArray structure (cbElem and nElems) is read from the comp...
CVE-2016-4295
Concrete details from connected reports show CVE-2016-4295 affects Hancom Hangul Hangul HCell components (HCell.exe, HCellApp.dll, HCellBook.dll, 9.1.0.2176) in Hancom Office 2014 VP. The root cause is a bounds-checking flaw in CFormulaTokenSizeModifier during chart/formula processing of Workbook...