Lucene search
K

16 matches found

NVD
NVD
added 2021/02/04 7:15 a.m.22 views

CVE-2020-13580

An exploitable heap-based buffer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser to explicitly trust a length from a particular record type and use it to writ...

8.8CVSS0.72559EPSS
Exploits1References1
NVD
NVD
added 2021/02/04 7:15 a.m.25 views

CVE-2020-13579

An exploitable integer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser perform arithmetic that may overflow which can result in an undersized heap allocation...

8.8CVSS0.72559EPSS
Exploits1References1
Prion
Prion
added 2021/02/04 7:15 a.m.15 views

Heap overflow

An exploitable heap-based buffer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser to explicitly trust a length from a particular record type and use it to writ...

6.8CVSS7.9AI score0.72559EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/02/04 7:15 a.m.19 views

Heap overflow

A specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which will cause a heap-based buffer overflow. In version/Instance 0x0003 and 0x0014, an attacker can...

6.8CVSS7.5AI score0.01249EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/02/04 7:15 a.m.14 views

Integer overflow

An exploitable integer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser perform arithmetic that may overflow which can result in an undersized heap allocation...

6.8CVSS7.9AI score0.72559EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/02/04 6:9 a.m.26 views

CVE-2020-13579

An exploitable integer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser perform arithmetic that may overflow which can result in an undersized heap allocation...

8.8CVSS8AI score0.72559EPSS
Exploits1References1
CVE
CVE
added 2021/02/04 6:9 a.m.83 views

CVE-2020-13579

SoftMaker Office PlanMaker 2021 contains an exploitable integer overflow in the PlanMaker document parser. In the PMW document processing, a 32-bit value read from the record payload is trusted and multiplied by 8, which can overflow and lead to an undersized heap allocation. The code then writes...

8.8CVSS7.9AI score0.72559EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/02/04 6:8 a.m.198 views

CVE-2020-13580

CVE-2020-13580 affects SoftMaker Office PlanMaker 2021. The issue is a heap-based buffer overflow inside the PlanMaker document parser, triggered by a crafted PMW/PlanMaker record (notably 0x8010). The vulnerability arises when the parser reads a 16-bit length from a record, clamps it to 10, but ...

8.8CVSS7.9AI score0.72559EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/02/04 6:8 a.m.22 views

CVE-2020-13580

An exploitable heap-based buffer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser to explicitly trust a length from a particular record type and use it to writ...

8.8CVSS7.9AI score0.72559EPSS
Exploits1References1
Talos
Talos
added 2021/02/03 12:0 a.m.139 views

SoftMaker Office PlanMaker Document Records 0x8011 and 0x820a integer overflow vulnerability

Summary An exploitable integer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser perform arithmetic that may overflow which can result in an undersized heap...

8.8CVSS7.9AI score0.72559EPSS
Exploits1
Talos
Talos
added 2021/02/03 12:0 a.m.150 views

SoftMaker Office PlanMaker Document Record 0x8010 out-of-bounds write vulnerability

Summary An exploitable heap-based buffer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser to explicitly trust a length from a particular record type and use it...

8.8CVSS7.9AI score0.72559EPSS
Exploits1
NVD
NVD
added 2021/01/06 3:15 p.m.13 views

CVE-2020-13545

An exploitable signed conversion vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021’s TextMaker application. A specially crafted document can cause the document parser to miscalculate a length used to allocate a buffer, later upon usage of this buffer th...

8.8CVSS7.9AI score0.01581EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/01/06 2:50 p.m.19 views

CVE-2020-13545

An exploitable signed conversion vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021’s TextMaker application. A specially crafted document can cause the document parser to miscalculate a length used to allocate a buffer, later upon usage of this buffer th...

8.8CVSS7.6AI score0.01581EPSS
Exploits1References1
CVE
CVE
added 2021/01/06 2:50 p.m.54 views

CVE-2020-13545

CVE-2020-13545 affects SoftMaker Office TextMaker 2021. The TALOS analysis details a signed/unsigned conversion issue in TextMaker’s document parsing that can cause heap-based memory corruption when loading a crafted TextMaker Document (.tmd). The root cause involves miscalculation of a length us...

8.8CVSS7.6AI score0.01581EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/01/06 2:48 p.m.57 views

CVE-2020-13544

CVE-2020-13544 targets SoftMaker Office 2021 TextMaker: a sign-extension vulnerability in the TextMaker document parser can cause a loop index to be used as a heap-offset, enabling heap corruption from crafted .tmd documents. The TALOS report outlines detailed disassembly showing an unsigned 16-b...

8.8CVSS7.6AI score0.01581EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/01/06 2:48 p.m.32 views

CVE-2020-13544

An exploitable sign extension vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021’s TextMaker application. A specially crafted document can cause the document parser to sign-extend a length used to terminate a loop, which can later result in the loop’s...

8.8CVSS7.7AI score0.01581EPSS
Exploits1References1
Rows per page
Query Builder