CVE-2016-4291

Name of the Vulnerable Software and Affected Versions Hancom Office 2014

Description The issue arises when opening a Hangul HShow Document (.hpt) and processing a structure within the document. This can cause an integer overflow due to a field from the structure being used in an operation without proper bounds checking. As a result, the allocated memory buffer for copying file data can be undersized, leading to writing outside the buffer's bounds when reading file data. This can potentially result in code execution under the context of the application.

Recommendations For Hancom Office 2014, consider updating to a newer version that addresses this issue, as the current version lacks proper bounds checking, leading to potential code execution vulnerabilities. At the moment, there is no information about a newer version that contains a fix for this vulnerability.