CVE-2017-2819

An exploitable heap-based buffer overflow exists in the Hangul Word Processor component (version 9.6.1.4350) of Hancom Thinkfree Office NEO 9.6.1.4902. A specially crafted document stream can cause an integer underflow resulting in a buffer overflow which can lead to code execution under the context of the application. An attacker can entice a user to open up a document in order to trigger this vulnerability.
References
Link Resource
https://talosintelligence.com/vulnerability_reports/TALOS-2017-0320 Exploit Third Party Advisory VDB Entry
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:hancom:hangul_word_processor:9.6.1.4350:*:*:*:*:*:*:*
cpe:2.3:a:hancom:thinkfree_office_neo:9.6.1.4902:*:*:*:*:*:*:*

Information

Published : 2017-05-24 07:29

Updated : 2022-04-19 12:15


NVD link : CVE-2017-2819

Mitre link : CVE-2017-2819


JSON object : View

CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Advertisement

dedicated server usa

Products Affected

hancom

  • thinkfree_office_neo
  • hangul_word_processor