[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Hancom Office '.hml' file heap-based buffer overflow

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Hancom Office '.hml' file heap-based buffer overflow
From: diroverflow@xxxxxxxxx
Date: Tue, 17 Dec 2013 09:21:00 GMT

There is a vulnerability in Hancom Office 2010 SE, which can be exploited by 
malicious people to compromise a user's system.
'.hml' is a type of XML document files which is defined by Hancom. Contructing 
a long TEXTART tag will cause a heap-based buffer overflow. Such as:

<TEXTART Text="AAAAAAAA...(more than 500 bytes)" X0="0" X1="14173" X2="14173" 
X3="0" Y0="0" Y1="0" Y2="14173" Y3="14173">

Successful exploitation of the vulnerabilities may allow execution of arbitrary 
code.The vulnerabilities are confirmed in version 8.5.8. Other versions may 
also be affected.

Prev by Date: [slackware-security] seamonkey (SSA:2013-350-07)
Next by Date: [ MDVSA-2013:287-1 ] drupal
Previous by thread: [slackware-security] seamonkey (SSA:2013-350-07)
Next by thread: [ MDVSA-2013:287-1 ] drupal
Index(es):
- Date
- Thread