Описание
Multiple integer overflows in Hancom Office 2010 SE 8.5.5 allow remote attackers to execute arbitrary code via large dimension values in a (1) JPG image to the ImportGR in the JPG image filter module (HncJpeg10.flt) or (2) PNG image to the PNG image filter module (HncPng10.flt), which triggers a heap-based buffer overflow.
Multiple integer overflows in Hancom Office 2010 SE 8.5.5 allow remote attackers to execute arbitrary code via large dimension values in a (1) JPG image to the ImportGR in the JPG image filter module (HncJpeg10.flt) or (2) PNG image to the PNG image filter module (HncPng10.flt), which triggers a heap-based buffer overflow.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2012-1206
- https://exchange.xforce.ibmcloud.com/vulnerabilities/73025
- https://exchange.xforce.ibmcloud.com/vulnerabilities/73026
- http://osvdb.org/78906
- http://osvdb.org/78907
- http://secunia.com/advisories/47386
- http://www.hancom.co.kr/notice.noticeView.do?targetRow=1¬ice_seqno=100
- http://www.securityfocus.com/bid/51892
EPSS
CVE ID
Связанные уязвимости
Multiple integer overflows in Hancom Office 2010 SE 8.5.5 allow remote attackers to execute arbitrary code via large dimension values in a (1) JPG image to the ImportGR in the JPG image filter module (HncJpeg10.flt) or (2) PNG image to the PNG image filter module (HncPng10.flt), which triggers a heap-based buffer overflow.
EPSS