Hancom Office 2010 SE Buffer Overflow

Hancom Office 2010 SE Buffer Overflow: Posted Dec 19, 2013; Authored by diroverflow; Hancom Office 2010 SE suffers from a buffer overflow vulnerability when parsing the TEXTART tag in .hml files. Version 8.5.8 is vulnerable.; tags | advisory, overflow; SHA-256 | 05541c8cc40849ea336d882d7811dc128a0cb46699ad4e48d5f4108d8f73f066; Download | Favorite | View

Hancom Office 2010 SE Buffer Overflow

There is a vulnerability in Hancom Office 2010 SE, which can be exploited by malicious people to compromise a user's system.
'.hml' is a type of XML document files which is defined by Hancom. Contructing a long TEXTART tag will cause a heap-based buffer overflow. Such as:

<TEXTART Text="AAAAAAAA...(more than 500 bytes)" X0="0" X1="14173" X2="14173" X3="0" Y0="0" Y1="0" Y2="14173" Y3="14173">

Successful exploitation of the vulnerabilities may allow execution of arbitrary code.The vulnerabilities are confirmed in version 8.5.8. Other versions may also be affected.

Top Authors In Last 30 Days

Red Hat 179 files
Ubuntu 58 files
Debian 26 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
E1.Coders 4 files
malvuln 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

Hancom Office 2010 SE Buffer Overflow

Hancom Office 2010 SE Buffer Overflow

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Hancom Office 2010 SE Buffer Overflow

Share This

Hancom Office 2010 SE Buffer Overflow

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems