16 matches found
CVE-2020-13580
An exploitable heap-based buffer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser to explicitly trust a length from a particular record type and use it to writ...
CVE-2020-13579
An exploitable integer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser perform arithmetic that may overflow which can result in an undersized heap allocation...
Heap overflow
An exploitable heap-based buffer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser to explicitly trust a length from a particular record type and use it to writ...
Heap overflow
A specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which will cause a heap-based buffer overflow. In version/Instance 0x0003 and 0x0014, an attacker can...
Integer overflow
An exploitable integer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser perform arithmetic that may overflow which can result in an undersized heap allocation...
CVE-2020-13579
An exploitable integer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser perform arithmetic that may overflow which can result in an undersized heap allocation...
CVE-2020-13579
SoftMaker Office PlanMaker 2021 contains an exploitable integer overflow in the PlanMaker document parser. In the PMW document processing, a 32-bit value read from the record payload is trusted and multiplied by 8, which can overflow and lead to an undersized heap allocation. The code then writes...
CVE-2020-13580
CVE-2020-13580 affects SoftMaker Office PlanMaker 2021. The issue is a heap-based buffer overflow inside the PlanMaker document parser, triggered by a crafted PMW/PlanMaker record (notably 0x8010). The vulnerability arises when the parser reads a 16-bit length from a record, clamps it to 10, but ...
CVE-2020-13580
An exploitable heap-based buffer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser to explicitly trust a length from a particular record type and use it to writ...
SoftMaker Office PlanMaker Document Records 0x8011 and 0x820a integer overflow vulnerability
Summary An exploitable integer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser perform arithmetic that may overflow which can result in an undersized heap...
SoftMaker Office PlanMaker Document Record 0x8010 out-of-bounds write vulnerability
Summary An exploitable heap-based buffer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser to explicitly trust a length from a particular record type and use it...
CVE-2020-13545
An exploitable signed conversion vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021’s TextMaker application. A specially crafted document can cause the document parser to miscalculate a length used to allocate a buffer, later upon usage of this buffer th...
CVE-2020-13545
An exploitable signed conversion vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021’s TextMaker application. A specially crafted document can cause the document parser to miscalculate a length used to allocate a buffer, later upon usage of this buffer th...
CVE-2020-13545
CVE-2020-13545 affects SoftMaker Office TextMaker 2021. The TALOS analysis details a signed/unsigned conversion issue in TextMaker’s document parsing that can cause heap-based memory corruption when loading a crafted TextMaker Document (.tmd). The root cause involves miscalculation of a length us...
CVE-2020-13544
CVE-2020-13544 targets SoftMaker Office 2021 TextMaker: a sign-extension vulnerability in the TextMaker document parser can cause a loop index to be used as a heap-offset, enabling heap corruption from crafted .tmd documents. The TALOS report outlines detailed disassembly showing an unsigned 16-b...
CVE-2020-13544
An exploitable sign extension vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021’s TextMaker application. A specially crafted document can cause the document parser to sign-extend a length used to terminate a loop, which can later result in the loop’s...