NVD

Id
85889  
Name
CVE-2017-2819  
Description
An exploitable heap-based buffer overflow exists in the Hangul Word Processor component (version 9.6.1.4350) of Hancom Thinkfree Office NEO 9.6.1.4902. A specially crafted document stream can cause an integer underflow resulting in a buffer overflow which can lead to code execution under the context of the application. An attacker can entice a user to open up a document in order to trigger this vulnerability.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-06-12  
Published
2017-05-24  
Modified Date
2017-06-06  
Seq
2017-2819  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
422492 85889 CVE-2017-0265 98285  View
422493 85889 CVE-2017-0265 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0265  View
422494 85889 CVE-2017-0265 98285  View
422495 85889 CVE-2017-0265 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0265  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
68183 JVNDB-2017-004440 Hancom Thinkfree Office NEO の Hangul Word Processor コンポーネントにおけるバッファエラーの脆弱性 Hancom Thinkfree Office NEO の Hangul Word Processor コンポーネントには、バッファエラーの脆弱性が存在します。 CVE-2017-2819 0 CVE-2017-2819 85889 6.8 7.8 http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-004440.html 2017-05-12 2017-06-26 View