PT-2017-8463 · Hancom · Hancom Office

Published

2017-01-06

Updated

2017-01-11

CVE-2016-4296

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Hancom Office 2014

Description

The issue occurs when opening a Hangul Hcell Document (.cell) and processing a record that uses the CSSValFormat object. The application searches for an underscore ("_") character at the end of the string and writes a null terminator after it. If the character is at the very end of the string, the application mistakenly writes the null byte outside the bounds of its destination, resulting in heap corruption. This can lead to code execution under the context of the application.

Recommendations

For Hancom Office 2014, avoid opening Hangul Hcell Documents (.cell) that may trigger the vulnerability until a patch is available. As a temporary workaround, consider restricting the use of the CSSValFormat object in Hangul Hcell Documents to minimize the risk of exploitation.
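
The one-byte write past the destination described above, shown beside a bounds-checked form. This is an added illustration in C, not Hancom's code and not part of the original advisory. The function names, the arena with its guard byte and the sample strings are constructed, and the destination is assumed to hold exactly the string's bytes.

```c
#include <stddef.h>
#include <string.h>

#define CANARY 0x5A  /* guard byte placed right after the modelled destination */

/* Unchecked pattern from the description: find the last '_' in a
 * len-byte destination and write a NUL after it, with no bounds check. */
static void terminate_unchecked(char *dst, size_t len) {
    for (size_t i = len; i-- > 0;) {
        if (dst[i] == '_') { dst[i + 1] = '\0'; return; }  /* i + 1 may equal len */
    }
}

/* Hardened form: refuse to write when the slot after '_' is outside dst. */
static int terminate_checked(char *dst, size_t len) {
    for (size_t i = len; i-- > 0;) {
        if (dst[i] == '_') {
            if (i + 1 >= len) return -1;  /* '_' is the final byte: reject the record */
            dst[i + 1] = '\0';
            return 0;
        }
    }
    return 0;  /* no '_' present, nothing to write */
}

/* Copies fmt into a constructed arena whose byte just past the destination
 * is a canary, runs one variant, and reports whether the canary survived.
 * The arena keeps the stray write inside memory this program owns. */
static int canary_intact(const char *fmt, int checked) {
    char arena[64];
    size_t len = strlen(fmt);          /* destination is exactly len bytes */
    if (len == 0 || len >= sizeof arena) return -1;
    memcpy(arena, fmt, len);
    arena[len] = CANARY;               /* first byte outside the destination */
    if (checked) (void)terminate_checked(arena, len);
    else terminate_unchecked(arena, len);
    return (unsigned char)arena[len] == CANARY;
}

int main(void) {
    /* constructed sample strings, not taken from a real .cell file */
    return !(canary_intact("0.00_", 0) == 0 && canary_intact("0.00_", 1) == 1);
}
```

In a real heap allocation the byte after the destination belongs to allocator metadata or a neighbouring object, which is why a single stray NUL is enough to corrupt the heap.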

Exploit

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2016-4296

Affected Products

Hancom Office