Описание
Multiple integer overflows in Hancom Office 2010 SE 8.5.5 allow remote attackers to execute arbitrary code via large dimension values in a (1) JPG image to the ImportGR in the JPG image filter module (HncJpeg10.flt) or (2) PNG image to the PNG image filter module (HncPng10.flt), which triggers a heap-based buffer overflow.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:hancom:hancom_office_2010_se:8.5.5:*:*:*:*:*:*:*
EPSS
Процентиль: 94%
0.12131
Средний
9.3 Critical
CVSS2
Дефекты
CWE-189
Связанные уязвимости
github
больше 3 лет назад
Multiple integer overflows in Hancom Office 2010 SE 8.5.5 allow remote attackers to execute arbitrary code via large dimension values in a (1) JPG image to the ImportGR in the JPG image filter module (HncJpeg10.flt) or (2) PNG image to the PNG image filter module (HncPng10.flt), which triggers a heap-based buffer overflow.
EPSS
Процентиль: 94%
0.12131
Средний
9.3 Critical
CVSS2
Дефекты
CWE-189