PT-2018-16372 · Atlantis · Atlantis Word Processor

Published

2018-12-01

Updated

2022-06-07

CVE-2018-4039

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Atlantis Word Processor version 3.2.7.2

Description An out-of-bounds write issue exists in the PNG implementation, allowing an attacker to corrupt memory, potentially leading to code execution under the context of the application. This can be triggered by convincing a victim to open a specially crafted document.

Recommendations For Atlantis Word Processor version 3.2.7.2, update to a newer version that contains a fix for this issue, as using a specially crafted document can lead to code execution.

Exploit

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2018-4039

Affected Products

Atlantis Word Processor

PT-2018-16372 · Atlantis · Atlantis Word Processor

CVE-2018-4039

Weakness Enumeration

Related Identifiers

Affected Products

References · 3