CVE-2016-4293

Name of the Vulnerable Software and Affected Versions Hancom Office 2014 VP

Description The issue is related to multiple heap-based buffer overflows in the CBookBase::SetDefTableStyle and CBookBase::SetDefPivotStyle functions. This can be exploited by remote attackers to execute arbitrary code via a crafted Hangul Hcell Document (.cell) file.

Recommendations For Hancom Office 2014 VP, update to a version that fixes the buffer overflows in the CBookBase::SetDefTableStyle and CBookBase::SetDefPivotStyle functions. As a temporary workaround, consider avoiding the use of these functions or restricting the opening of .cell files from untrusted sources until a patch is available.