4 results (0.013 seconds)

CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 5

wpsupdater.exe in Kingsoft WPS Office through 11.2.0.10382 allows remote code execution by modifying HKEY_CURRENT_USER in the registry. El ejecutable wpsupdater.exe en Kingsoft WPS Office versiones hasta 11.2.0.10382, permite una ejecución de código remota mediante la modificación de HKEY_CURRENT_USER en el registro • https://github.com/webraybtl/CVE-2022-24934 https://github.com/nanaao/CVE-2022-24934 https://github.com/ASkyeye/WPS-CVE-2022-24934 https://github.com/MagicPiperSec/WPS-CVE-2022-24934 https://decoded.avast.io/luigicamastra/operation-dragon-castling-apt-group-targeting-betting-companies https://www.wps.com •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2

The installer of WPS Office for Windows versions prior to v11.2.0.10258 fails to configure properly the ACL for the directory where the service program is installed. El instalador de WPS Office para versiones de Windows anteriores a v11.2.0.10258, no configura correctamente la ACL para el directorio donde es instalado el programa de servicio • https://github.com/webraybtl/CVE-2022-25943 https://github.com/HadiMed/KINGSOFT-WPS-Office-LPE https://jvn.jp/en/vu/JVNVU90673830 https://www.wps.com/whatsnew/pc/20210806 • CWE-276: Incorrect Default Permissions •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1

GdiDrawHoriLineIAlt in Kingsoft WPS Office before 11.2.0.9403 allows remote heap corruption via a crafted PLTE chunk in PNG data within a Word document. This is related to QBrush::setMatrix in gui/painting/qbrush.cpp in Qt 4.x. GdiDrawHoriLineIAlt en Kingsoft WPS Office versiones anteriores a 11.2.0.9403, permite una corrupción remota de la pila por medio de un fragmento PLTE diseñado en datos PNG dentro de un documento Word. Esto está relacionado con la función QBrush::setMatrix en el archivo gui/painting/qbrush.cpp en Qt versión 4.x • http://zeifan.my/security/rce/heap/2020/09/03/wps-rce-heap.html • CWE-787: Out-of-bounds Write •

CVSS: 8.1EPSS: 5%CPEs: 3EXPL: 0

cn.wps.moffice.common.beans.print.CloudPrintWebView in Kingsoft Office 5.3.1, as used in Huawei P2 devices before V100R001C00B043, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and execute arbitrary Java code by leveraging a network position between the client and the registry to block HTTPS traffic. cn.wps.moffice.common.beans.print.CloudPrintWebView en Kingsoft Office versión 5.3.1, como es usado en los dispositivos Huawei P2 versiones anteriores a V100R001C00B043, vuelve a HTTP cuando la conexión HTTPS presenta un fallo en el registro, lo que permite a atacantes de tipo man-in-the-middle dirigir ataques de degradación y ejecutar código Java arbitrario mediante el aprovechamiento de una posición de red entre el cliente y el registro para bloquear el tráfico HTTPS. • http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-401529.htm http://www.securityfocus.com/bid/71381 https://exchange.xforce.ibmcloud.com/vulnerabilities/99089 https://labs.f-secure.com/advisories/kingsoft-office-remote-code-execution https://labs.f-secure.com/assets/763/original/mwri_advisory_huawei_kingsoft-office.pdf • CWE-20: Improper Input Validation •