9 matches found
CVE-2018-5201
CVE-2018-5201 affects Hancom Office products: Office 2018 (v10.0.0.8214) and earlier, Hancom Office NEO (v9.6.1.10472) and earlier, Hancom Office 2014 (v9.1.1.4540) and earlier, and Hancom Office 2010 (v8.5.8.1724) and earlier. The vulnerability is a heap overflow when processing Compound File do...
CVE-2016-4291
CVE-2016-4291 affects Hancom Hangul Office 2014 VP (Hangul HShow). A structure field in an HShow document (.hpt) can cause an integer overflow during a size calculation, leading to an undersized heap allocation. Subsequent reads write beyond the allocated buffer, enabling code execution in the Ha...
CVE-2016-4292
CVE-2016-4292 concerns Hancom Hangul Office 2014 VP’s Hangul HShow processing. A structure read from an HShow document (.hpt) causes the app to allocate a fixed 0xa0 byte buffer, then trust a length from the file to modify data inside that buffer. A 16‑bit value (treated as 15-bit) controls a loo...
CVE-2016-4290
CVE-2016-4290 affects Hancom Hangul Office 2014 (HShow component) and is triggered when processing Hangul HShow documents (.hpt). The vulnerability stems from an integer overflow: when the software reads a length from the file and adds a constant (0x16) to it without checking for overflow, a too-...
CVE-2016-4294
CVE-2016-4294 : Concrete heap-based buffer overflow in Hancom Hangul HCell OfficeArt handling. The vulnerability arises when parsing OfficeArtFOPT/OfficeArtSpContainer sub-records (pVertices and pSegmentInfo) in the Workbook stream. An IMsoArray structure (cbElem and nElems) is read from the comp...
CVE-2016-4298
CVE-2016-4298 is a code-execution vulnerability in Hancom Hangul Office HShow component. Talos and other sources describe an integer overflow during processing of Hangul HShow documents (.hpt): while reading a 0x10-byte structure from decompressed zlib data, a length derived from the file is mult...
CVE-2016-4293
The CVE-2016-4293 vulnerability affects Hancom Office 2014 VP. It occurs in Hangul Hcell documents when parsing 0x088e records in the Workbook stream: the 0x088e structure exposes table_style_length and pivot_style_length fields (at offsets 0x10 and 0x12) that are used to copy strings into the CB...
CVE-2016-4295
Concrete details from connected reports show CVE-2016-4295 affects Hancom Hangul Hangul HCell components (HCell.exe, HCellApp.dll, HCellBook.dll, 9.1.0.2176) in Hancom Office 2014 VP. The root cause is a bounds-checking flaw in CFormulaTokenSizeModifier during chart/formula processing of Workbook...
CVE-2016-4296
This CVE (CVE-2016-4296) affects Hancom Hangul HCell components (HCellApp, HCellBook, CSSValFormat) used in Hangul Office. The root cause is in CSSValFormat::CheckUnderbar: it seeks the last underscore in a Unicode string and rewrites that underscore plus a null terminator, which when the string ...