PT-2018-16795 · Hancom · Hancom Office Neo+3
Published
2018-12-21
·
Updated
2020-08-24
·
CVE-2018-5201
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Hancom Office 2018 versions 10.0.0.8214 and earlier
Hancom Office NEO versions 9.6.1.10472 and earlier
Hancom Office 2014 versions 9.1.1.4540 and earlier
Hancom Office 2010 versions 8.5.8.1724 and earlier
Description
The issue is related to a heap overflow when handling Compound Files in documents, which can cause a program crash or denial of service conditions.
Recommendations
For Hancom Office 2018 versions 10.0.0.8214 and earlier, update to a version later than 10.0.0.8214 to resolve the issue.
For Hancom Office NEO versions 9.6.1.10472 and earlier, update to a version later than 9.6.1.10472 to resolve the issue.
For Hancom Office 2014 versions 9.1.1.4540 and earlier, update to a version later than 9.1.1.4540 to resolve the issue.
For Hancom Office 2010 versions 8.5.8.1724 and earlier, update to a version later than 8.5.8.1724 to resolve the issue.
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Hancom Office 2010 Se
Hancom Office 2014
Hancom Office 2018
Hancom Office Neo