CVE-2018-4038

Name of the Vulnerable Software and Affected Versions Atlantis Word Processor version 3.2.7.2

Description The issue is related to an arbitrary write vulnerability in the open document format parser. It occurs when the parser attempts to null-terminate a string, allowing an attacker to pass an untrusted value as a length to a constructor. This can lead to memory corruption, potentially resulting in code execution under the context of the application. The vulnerability can be triggered by convincing a victim to open a specially crafted document.

Recommendations For Atlantis Word Processor version 3.2.7.2, consider avoiding the use of the open document format parser until a patch is available. As a temporary workaround, restrict the opening of documents from untrusted sources to minimize the risk of exploitation.