145 matches found
CVE-2020-28587
A specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which will cause a heap-based buffer overflow. An attacker can entice the victim to open a document to...
CVE-2020-13546
In SoftMaker Software GmbH SoftMaker Office TextMaker 2021 revision 1014, a specially crafted document can cause the document parser to miscalculate a length used to allocate a buffer, later upon usage of this buffer the application will write outside its bounds resulting in a heap-based buffer...
CVE-2020-13586
A memory corruption vulnerability exists in the Excel Document SST Record 0x00fc functionality of SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 Revision 1014. A specially crafted malformed file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this...
CVE-2020-13579
An exploitable integer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser perform arithmetic that may overflow which can result in an undersized heap allocation...
CVE-2020-13580
An exploitable heap-based buffer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser to explicitly trust a length from a particular record type and use it to writ...
CVE-2020-13544
An exploitable sign extension vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021’s TextMaker application. A specially crafted document can cause the document parser to sign-extend a length used to terminate a loop, which can later result in the loop’s...
CVE-2020-13545
An exploitable signed conversion vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021’s TextMaker application. A specially crafted document can cause the document parser to miscalculate a length used to allocate a buffer, later upon usage of this buffer th...
CVE-2020-13581
In SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 Revision 1014, a specially crafted document can cause the document parser to copy data from a particular record type into a buffer that is smaller than the size used for the copy which will cause a heap-based buffer overflow. An attacker...
SoftMaker Office / FreeOffice Local Privilege Escalation
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Local Privilege Escalation via MSI installer product: SoftMaker Office / FreeOffice vulnerable version: SoftMaker Office 2024 / NX before revision 1214 FreeOffice 2021...
CVE-2023-7270
An issue was discovered in SoftMaker Office 2024 / NX before revision 1214 and SoftMaker FreeOffice 2014 before revision 1215. FreeOffice 2021 is also affected, but won't be fixed. The SoftMaker Office and FreeOffice MSI installer files were found to produce a visible conhost.exe window running a...
CVE-2023-7270 Local Privilege Escalation via MSI installer
An issue was discovered in SoftMaker Office 2024 / NX before revision 1214 and SoftMaker FreeOffice 2014 before revision 1215. FreeOffice 2021 is also affected, but won't be fixed. The SoftMaker Office and FreeOffice MSI installer files were found to produce a visible conhost.exe window running a...
CVE-2023-7270 Local Privilege Escalation via MSI installer
An issue was discovered in SoftMaker Office 2024 / NX before revision 1214 and SoftMaker FreeOffice 2014 before revision 1215. FreeOffice 2021 is also affected, but won't be fixed. The SoftMaker Office and FreeOffice MSI installer files were found to produce a visible conhost.exe window running a...
CVE-2023-7270
CVE-2023-7270 affects SoftMaker Office 2024/NX (before rev 1214) and FreeOffice 2014 (before rev 1215); FreeOffice 2021 is affected but will not be fixed. The MSI repair function can spawn a visible conhost.exe running as SYSTEM, enabling a local, low-privilege attacker to chain actions and launc...
SoftMaker Office Permission License and Access Control Issues Vulnerability
Softmaker Office is a multi-platform supported office software from Softmaker, a German company. The software is used for word processing, spreadsheets, presentation design, and can also be scripted, and supports a variety of common Office file formats, as well as a variety of internal formats th...
PT-2024-15262 · Softmaker +1 · Softmaker Office 2024 +3
Name of the Vulnerable Software and Affected Versions: SoftMaker Office 2024 / NX versions prior to revision 1214 SoftMaker FreeOffice 2014 versions prior to revision 1215 SoftMaker FreeOffice 2021 no fix available Description: An issue was discovered in the SoftMaker Office and FreeOffice MSI...
CVE-2023-24295
A stack overfow in SoftMaker Software GmbH FlexiPDF v3.0.3.0 allows attackers to execute arbitrary code after opening a crafted PDF file...
Design/Logic Flaw
A stack overfow in SoftMaker Software GmbH FlexiPDF v3.0.3.0 allows attackers to execute arbitrary code after opening a crafted PDF file...
CVE-2023-24295
A stack overfow in SoftMaker Software GmbH FlexiPDF v3.0.3.0 allows attackers to execute arbitrary code after opening a crafted PDF file...
PT-2023-19519 · Softmaker Software Gmbh · Flexipdf
Name of the Vulnerable Software and Affected Versions: SoftMaker Software GmbH FlexiPDF version 3.0.3.0 Description: A stack overflow in FlexiPDF allows attackers to execute arbitrary code after opening a crafted PDF file. Recommendations: For SoftMaker Software GmbH FlexiPDF version 3.0.3.0,...
SoftMaker Software GmbH FlexiPDF 缓冲区错误漏洞
SoftMaker Software GmbH FlexiPDF is a PDF compiler from SoftMaker. A security vulnerability exists in SoftMaker Software GmbH FlexiPDF version v3.0.3.0, which originates from the presence of a stack overflow that can be exploited by an attacker to execute arbitrary code after exploiting a crafted...