Planmaker 2021 Security Vulnerabilities and Issues — Planmaker 2021 CVE List

SoftmakerPlanmaker 2021

9 matches found

CVE•added 2021/02/10 9:39 p.m.•236 views

CVE-2020-27250

SoftMaker Office PlanMaker 2021 (Revision 1014) contains a heap-based buffer overflow in the Office Art record parsing path. The vulnerability involves 0x00eb MsoDrawingGroup processing and a nested OfficeArtDggContainer (0xf000) containing a 0xf150 sub-record. Depending on Version/Instance (0x00...

8.8CVSS7.7AI score0.00949EPSS

CVE•added 2021/02/10 9:39 p.m.•219 views

CVE-2020-13581

Summary (CVE-2020-13581) : A heap-based buffer overflow exists in SoftMaker Office PlanMaker 2021 (Revision 1014) parsing the PlanMaker Document format. The 0x800D record handler allocates a 2048-byte buffer, reads a length from the record, and copies the data with memcpy using that length. If th...

8.8CVSS7.6AI score0.01032EPSS

CVE•added 2021/02/04 6:8 a.m.•195 views

CVE-2020-13580

CVE-2020-13580 affects SoftMaker Office PlanMaker 2021. The issue is a heap-based buffer overflow inside the PlanMaker document parser, triggered by a crafted PMW/PlanMaker record (notably 0x8010). The vulnerability arises when the parser reads a 16-bit length from a record, clamps it to 10, but ...

8.8CVSS7.9AI score0.72559EPSS

CVE•added 2021/02/04 6:14 a.m.•190 views

CVE-2020-27249

CVE-2020-27249 affects SoftMaker Office PlanMaker 2021 (Revision 1014). It describes a heap-based buffer overflow in the Office Art/DrawingGroup path: a specially crafted Excel-like document causes MsoDrawingGroup records (0x00eb) and nested Office Art records to be parsed into a fixed-size objec...

8.8CVSS7.5AI score0.01249EPSS

CVE•added 2021/02/04 6:13 a.m.•189 views

CVE-2020-27247

CVE-2020-27247 affects SoftMaker Office PlanMaker 2021 (Revision 1014). A specially crafted Excel/Office Art document can trigger a heap-based buffer overflow while parsing Office Art/CEscherObject records inside a MsoDrawingGroup (record type 0x00eb). The vulnerability is triggered when the Offi...

8.8CVSS7.5AI score0.01249EPSS

CVE•added 2021/02/04 6:13 a.m.•184 views

CVE-2020-27248

CVE-2020-27248 affects SoftMaker Office PlanMaker 2021 (Revision 1014). The vulnerability arises in Office Art/Office drawing parsing: specifically MsoDrawingGroup with nested OfficeArt records and 0x00eb, 0xf000, and 0xf150 sub-records. Depending on Version/Instance (0x0003/0x0014, 0x0004/0x0015...

8.8CVSS7.5AI score0.01249EPSS

CVE•added 2021/02/23 6:11 p.m.•96 views

CVE-2020-28587

CVE-2020-28587 affects SoftMaker Office PlanMaker 2021 (Revision 1014). A specially crafted Excel-like document can trigger a heap-based buffer overflow during Office Art/CEscher parsing when copying record contents into a fixed-size object, enabling memory corruption. The advisory describes mult...

8.8CVSS7.5AI score0.00949EPSS

CVE•added 2021/02/04 6:9 a.m.•81 views

CVE-2020-13579

SoftMaker Office PlanMaker 2021 contains an exploitable integer overflow in the PlanMaker document parser. In the PMW document processing, a 32-bit value read from the record payload is trusted and multiplied by 8, which can overflow and lead to an undersized heap allocation. The code then writes...

8.8CVSS7.9AI score0.72559EPSS

CVE•added 2021/02/04 6:40 a.m.•80 views

CVE-2020-13586

SoftMaker Office PlanMaker 2021 (Revision 1014) contains a memory corruption vulnerability in the Excel SST record 0x00fc. The parser allocates a fixed 0x6060-byte heap buffer for the SST data and then performs a memcpy using the record length read from the file, which can exceed the allocation (...

8.8CVSS7.8AI score0.01525EPSS