CVE-2020-13544

Name of the Vulnerable Software and Affected Versions SoftMaker Office 2021’s TextMaker application (affected versions not specified)

Description An exploitable sign extension vulnerability exists in the TextMaker document parsing functionality. A specially crafted document can cause the document parser to sign-extend a length used to terminate a loop, which can later result in the loop’s index being used to write outside the bounds of a heap buffer during the reading of file data. An attacker can entice the victim to open a document to trigger this vulnerability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.