Lucene search
K
AtlantiswordprocessorAtlantis Word Processor

12 matches found

CVE
CVE
added 2019/10/31 8:32 p.m.93 views

CVE-2018-3983

Summary: CVE-2018-3983 affects Atlantis Word Processor’s Word Document parser. An exploitable uninitialized pointer in the parsing pipeline can occur when handling the WordDocument structure (notably involving TTableRow/TField lists). A crafted .doc can cause an array fetch to return an uninitial...

8.8CVSS7.7AI score0.01458EPSS
CVE
CVE
added 2018/10/01 8:0 p.m.71 views

CVE-2018-3984

CVE-2018-3984 affects Atlantis Word Processor 3.0.2.3 and 3.0.2.5. The Word Document parser has an uninitialized length (SprmTDefTable) for the number of table columns, which is later used as a loop bound. A crafted Word doc can trigger a heap-based buffer overflow, leading to code execution unde...

8.8CVSS7.9AI score0.01389EPSS
CVE
CVE
added 2018/12/01 6:0 p.m.64 views

CVE-2018-4038

CVE-2018-4038 is a memory-corruption, arbitrary-write vulnerability in the Atlantis Word Processor open document format parser. Cisco Talos details show the issue stems from an insecure length handling in the NewAnsiString path within the parser’s buffer/heap management (text processing via LStrS...

8.8CVSS7.7AI score0.01279EPSS
CVE
CVE
added 2018/10/01 8:0 p.m.62 views

CVE-2018-3978

CVE-2018-3978 is a vulnerability in Atlantis Word Processor’s Word Document parser (CLX/Clx handling in the Fib-based WordDocument table). A specially crafted Word binary (DOC) document can trigger a heap-based buffer overflow by mis-processing the Clx/Pcdt piece-descriptor table: the Clx.lcb con...

8.8CVSS7.7AI score0.01007EPSS
CVE
CVE
added 2018/10/01 8:0 p.m.60 views

CVE-2018-3975

Cisco Talos reports CVE-2018-3975 as an Atlants Word Processor 3.2.6 RTF-parsing vulnerability. The flaw is an exploitable uninitialized OLE document pointer (offset -0x8e0) used when parsing RTF tokens; if an attacker can control the stack, they can trigger an out-of-bounds write that can lead t...

7.8CVSS7.7AI score0.01202EPSS
CVE
CVE
added 2018/10/01 8:0 p.m.59 views

CVE-2018-3982

CVE-2018-3982 is an exploitable arbitrary write vulnerability in the Atlantis Word Processor (Word Document parser). Cisco Talos reports that Atlantis Word Processor 3.0.2.3 and 3.0.2.5 can be induced to skip adding elements to a loop-indexed array, causing an out-of-bounds read of a pointer and,...

8.8CVSS7.6AI score0.0128EPSS
CVE
CVE
added 2018/10/01 8:0 p.m.57 views

CVE-2018-3999

Atlanti s Word Processor CVE-2018-3999 affects the JPEG parser in Atlantis Word Processor 3.2.5.0. A specially crafted embedded JPEG image can cause a length underflow, treated as unsigned, leading to a heap-based buffer overflow during decoding of JPEG markers (APPx handling) and subsequent copy...

8.8CVSS7.7AI score0.00889EPSS
CVE
CVE
added 2018/12/01 8:0 p.m.57 views

CVE-2018-4040

The CVE-2018-4040 issue affects Atlantis Word Processor versions 3.2.7.1 and 3.2.7.2, with a root cause described as an uninitialized pointer in the Rich Text Format (RTF) parser leading to heap corruption and potential code execution when a victim opens a crafted document. Cisco Talos’ advisory ...

8.8CVSS7.5AI score0.01006EPSS
CVE
CVE
added 2018/10/01 8:0 p.m.56 views

CVE-2018-3998

CVE-2018-3998 (Atlantis Word Processor) describes a heap-based buffer overflow in the Windows Enhanced Metafile parser for Atlantis Word Processor v3.2.5.0. A crafted image embedded in a document can cause an undersized allocation, leading to heap corruption when data is copied. The vulnerability...

8.8CVSS7.6AI score0.01021EPSS
CVE
CVE
added 2018/10/01 8:0 p.m.54 views

CVE-2018-4001

CVE-2018-4001 affects Atlantis Word Processor 3.2.5.0. The vulnerability is an uninitialized pointer in the Office Open XML parser that handles table rows (TTableRow). A crafted document can cause an uninitialized pointer to be assigned to a stack variable, which is later dereferenced and written...

8.8CVSS7.7AI score0.01456EPSS
CVE
CVE
added 2018/12/01 7:0 p.m.53 views

CVE-2018-4039

CVE-2018-4039 is a concrete vulnerability in Atlantis Word Processor 3.2.7.2 where the PNG image handling allows an out-of-bounds write during PNG decoding (inflate_table writes beyond a 64-byte buffer if code lengths exceed 15). This memory corruption can lead to code execution in the applicatio...

8.8CVSS7.7AI score0.01426EPSS
CVE
CVE
added 2018/10/01 8:0 p.m.50 views

CVE-2018-4000

Atlantis Word Processor (version 3.2.5.0) contains a double-free vulnerability in its Office Open XML parser. A specially crafted document can cause a TTableRow object to be referenced twice, leading to a double-free when both references are freed. The TALOS/YR details indicate an exploitable pat...

8.8CVSS7.4AI score0.01036EPSS