Lucene search
+L
SoftmakerPlanmaker 20211014

9 matches found

CVE
CVE
added 2021/02/10 9:39 p.m.238 views

CVE-2020-27250

SoftMaker Office PlanMaker 2021 (Revision 1014) contains a heap-based buffer overflow in the Office Art record parsing path. The vulnerability involves 0x00eb MsoDrawingGroup processing and a nested OfficeArtDggContainer (0xf000) containing a 0xf150 sub-record. Depending on Version/Instance (0x00...

8.8CVSS7.7AI score0.00949EPSS
CVE
CVE
added 2021/02/10 9:39 p.m.223 views

CVE-2020-13581

Summary (CVE-2020-13581) : A heap-based buffer overflow exists in SoftMaker Office PlanMaker 2021 (Revision 1014) parsing the PlanMaker Document format. The 0x800D record handler allocates a 2048-byte buffer, reads a length from the record, and copies the data with memcpy using that length. If th...

8.8CVSS7.6AI score0.01032EPSS
CVE
CVE
added 2021/02/04 6:8 a.m.198 views

CVE-2020-13580

CVE-2020-13580 affects SoftMaker Office PlanMaker 2021. The issue is a heap-based buffer overflow inside the PlanMaker document parser, triggered by a crafted PMW/PlanMaker record (notably 0x8010). The vulnerability arises when the parser reads a 16-bit length from a record, clamps it to 10, but ...

8.8CVSS7.9AI score0.72559EPSS
CVE
CVE
added 2021/02/04 6:14 a.m.193 views

CVE-2020-27249

CVE-2020-27249 affects SoftMaker Office PlanMaker 2021 (Revision 1014). It describes a heap-based buffer overflow in the Office Art/DrawingGroup path: a specially crafted Excel-like document causes MsoDrawingGroup records (0x00eb) and nested Office Art records to be parsed into a fixed-size objec...

8.8CVSS7.5AI score0.01249EPSS
CVE
CVE
added 2021/02/04 6:13 a.m.190 views

CVE-2020-27247

CVE-2020-27247 affects SoftMaker Office PlanMaker 2021 (Revision 1014). A specially crafted Excel/Office Art document can trigger a heap-based buffer overflow while parsing Office Art/CEscherObject records inside a MsoDrawingGroup (record type 0x00eb). The vulnerability is triggered when the Offi...

8.8CVSS7.5AI score0.01249EPSS
CVE
CVE
added 2021/02/04 6:13 a.m.187 views

CVE-2020-27248

CVE-2020-27248 affects SoftMaker Office PlanMaker 2021 (Revision 1014). The vulnerability arises in Office Art/Office drawing parsing: specifically MsoDrawingGroup with nested OfficeArt records and 0x00eb, 0xf000, and 0xf150 sub-records. Depending on Version/Instance (0x0003/0x0014, 0x0004/0x0015...

8.8CVSS7.5AI score0.01249EPSS
CVE
CVE
added 2021/02/23 6:11 p.m.100 views

CVE-2020-28587

CVE-2020-28587 affects SoftMaker Office PlanMaker 2021 (Revision 1014). A specially crafted Excel-like document can trigger a heap-based buffer overflow during Office Art/CEscher parsing when copying record contents into a fixed-size object, enabling memory corruption. The advisory describes mult...

8.8CVSS7.5AI score0.00949EPSS
CVE
CVE
added 2021/02/04 6:40 a.m.84 views

CVE-2020-13586

SoftMaker Office PlanMaker 2021 (Revision 1014) contains a memory corruption vulnerability in the Excel SST record 0x00fc. The parser allocates a fixed 0x6060-byte heap buffer for the SST data and then performs a memcpy using the record length read from the file, which can exceed the allocation (...

8.8CVSS7.8AI score0.01525EPSS
CVE
CVE
added 2021/02/04 6:9 a.m.83 views

CVE-2020-13579

SoftMaker Office PlanMaker 2021 contains an exploitable integer overflow in the PlanMaker document parser. In the PMW document processing, a 32-bit value read from the record payload is trusted and multiplied by 8, which can overflow and lead to an undersized heap allocation. The code then writes...

8.8CVSS7.9AI score0.72559EPSS