CVE

Id
91113  
CVE No.
CVE-2016-4294  
Status
Candidate  
Description
When opening a Hangul Hcell Document (.cell) and processing a property record within the Workbook stream, Hancom Office 2014 will attempt to allocate space for an element using a length from the file. When copying user-supplied data to this buffer, however, the application will use a different size which leads to a heap-based buffer overflow. This vulnerability can lead to code-execution under the context of the application.  
Phase
Assigned (20160427)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
783560 91113 CVE-2016-4294 MISC:http://www.talosintelligence.com/reports/TALOS-2016-0149/  View
783561 91113 CVE-2016-4294 BID:92327  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
3261 JVNDB-2016-004034 複数の Apple 製品の libxslt におけるサービス運用妨害 (DoS) の脆弱性 複数の Apple 製品の libxslt には、サービス運用妨害 (メモリ破損) 状態にされるなど、不特定の影響を受ける脆弱性が存在します。 CVE-2016-4607 91113 7.5 9.8 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-004034.html  View