CVE

Id
91115  
CVE No.
CVE-2016-4296  
Status
Candidate  
Description
When opening a Hangul Hcell Document (.cell) and processing a record that uses the CSSValFormat object, Hancom Office 2014 will search for an underscore ("_") character at the end of the string and write a null terminator after it. If the character is at the very end of the string, the application will mistakenly write the null-byte outside the bounds of its destination. This can result in heap corruption that can lead code execution under the context of the application  
Phase
Assigned (20160427)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
783564 91115 CVE-2016-4296 MISC:http://www.talosintelligence.com/reports/TALOS-2016-0151/  View
783565 91115 CVE-2016-4296 BID:92327  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
3263 JVNDB-2016-004036 複数の Apple 製品の libxslt におけるサービス運用妨害 (DoS) の脆弱性 複数の Apple 製品の libxslt には、サービス運用妨害 (メモリ破損) 状態にされるなど、不特定の影響を受ける脆弱性が存在します。 CVE-2016-4609 91115 7.5 9.8 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-004036.html  View