3 matches found
CVE-2021-21958
CVE-2021-21958 is a confirmed heap-based buffer overflow affecting Hancom Office 2020 11.0.0.2353, specifically in the HwordApp.dll. The TALOS writeup documents that the vulnerability arises when processing a specially crafted file, leading to memory corruption and potential arbitrary code execut...
CVE-2022-33896
Hancom Office 2020 (Hword) vulnerability CVE-2022-33896 is a heap/buffer underflow in Hword when parsing XML-based documents. A specially crafted malicious .docx can trigger memory corruption by using memory before the allocation, potentially enabling arbitrary code execution. Affected version: H...
CVE-2023-32541
CVE-2023-32541 is a use-after-free in Hancom Office 2020 HWord 11.0.0.7520 (footerr feature). Talos details show the vulnerability arises when parsing a malformed .doc with multiple footerr entries, causing a heap object to be allocated and freed, then reused via a deallocated pointer (use-after-...