PT-2021-9625 · Softmaker · Textmaker+1

Published

2021-01-06

Updated

2022-06-07

CVE-2020-13545

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions SoftMaker Office 2021’s TextMaker application (affected versions not specified)

Description A specially crafted document can cause the document parser to miscalculate a length used to allocate a buffer, later upon usage of this buffer the application will write outside its bounds resulting in a heap-based memory corruption. An attacker can entice the victim to open a document to trigger this issue. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited.

Recommendations At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-196CWE-681

Related Identifiers

CVE-2020-13545

Affected Products

Softmaker Office

Textmaker

PT-2021-9625 · Softmaker · Textmaker+1

CVE-2020-13545

Weakness Enumeration

Related Identifiers

Affected Products

References · 5