The WStr::assign function in kso.dll in Kingsoft WPS Office 10.1.0.7106 and 10.2.0.5978 does not validate the size of the source memory block before an _copy call, which allows remote attackers to cause a denial of service (access violation and application crash) via a crafted (a) web page, (b) office document, or (c) .rtf file.
References
Link | Resource |
---|---|
https://github.com/Khwarezmia/WPS_POC/tree/master/wps_20180129 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2018-01-29 11:29
Updated : 2021-01-28 07:16
NVD link : CVE-2018-6390
Mitre link : CVE-2018-6390
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
wps
- wps_office