4 matches found
CVE-2022-24934
Summary: CVE-2022-24934 affects Kingsoft WPS Office’s wpsupdater.exe up to version 11.2.0.10382. The issue allows remote code execution by modifying the HKEY_CURRENT_USER registry. Various sources (NVD, Red Hat, CVE lists, PT Security advisory) corroborate the impact and affected component. The r...
CVE-2021-40399
The CVE-2021-40399 issue affects WPS Office’s Spreadsheets (ET) component, specifically WPS Spreadsheets version 11.2.0.10351. The root cause is a use-after-free in the HTML/XML handling of XLS content, leading to remote code execution when a specially crafted XLS file is opened. Public analysis ...
CVE-2018-6390
The vulnerability CVE-2018-6390 affects Kingsoft WPS Office, specifically the WStr::assign function in kso.dll used by WPS Office versions 10.1.0.7106 and 10.2.0.5978. The issue arises because the source memory block size is not validated before a _copy call, allowing remote attackers to trigger ...
CVE-2014-2271
The CVE-2014-2271 entry concerns cn.wps.moffice.common.beans.print.CloudPrintWebView in Kingsoft Office 5.3.1, embedded in Huawei P2 devices prior to V100R001C00B043. The issue arises when CloudPrintWebView falls back to HTTP if the HTTPS connection to the registry is blocked, enabling man-in-the...