PT-2018-17415 · Kingsoft · Kingsoft Wps Office

Published

2018-01-25

Updated

2018-02-12

CVE-2018-6217

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Kingsoft WPS Office versions 10.1.0.7106 through 10.2.0.5978

Description The issue allows remote attackers to cause a denial of service, resulting in an application crash. This can be achieved through a crafted web page, office document, or .rtf file.

Recommendations For Kingsoft WPS Office version 10.1.0.7106, update to a version that contains a fix for this issue. For Kingsoft WPS Office version 10.2.0.5978, update to a version that contains a fix for this issue. As a temporary workaround, consider avoiding the use of potentially crafted web pages, office documents, or .rtf files until a patch is available.

Exploit

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2018-6217

Affected Products

Kingsoft Wps Office

PT-2018-17415 · Kingsoft · Kingsoft Wps Office

CVE-2018-6217

Weakness Enumeration

Related Identifiers

Affected Products

References · 3