CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-32541
https://notcve.org/view.php?id=CVE-2023-32541
26 Sep 2023 — A use-after-free vulnerability exists in the footerr functionality of Hancom Office 2020 HWord 11.0.0.7520. A specially crafted .doc file can lead to a use-after-free. An attacker can trick a user into opening a malformed file to trigger this vulnerability. Existe una vulnerabilidad de use-after-free en la funcionalidad de pie de página de Hancom Office 2020 HWord 11.0.0.7520. Un archivo .doc especialmente manipulado puede generar un use-after-free. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1759 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-33896
https://notcve.org/view.php?id=CVE-2022-33896
07 Oct 2022 — A buffer underflow vulnerability exists in the way Hword of Hancom Office 2020 version 11.0.0.5357 parses XML-based office files. A specially-crafted malformed file can cause memory corruption by using memory before buffer start, which can lead to code execution. A victim would need to access a malicious file to trigger this vulnerability. Se presenta una vulnerabilidad de desbordamiento del búfer en la forma en que Hword de Hancom Office 2020 versión 11.0.0.5357, analiza los archivos de oficina basados en ... • https://talosintelligence.com/vulnerability_reports/TALOS-2022-1574 • CWE-124: Buffer Underwrite ('Buffer Underflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2021-21958
https://notcve.org/view.php?id=CVE-2021-21958
16 Feb 2022 — A heap-based buffer overflow vulnerability exists in the Hword HwordApp.dll functionality of Hancom Office 2020 11.0.0.2353. A specially-crafted malformed file can lead to memory corruption and potential arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Se presenta una vulnerabilidad de desbordamiento de búfer en la región heap de la memoria en la funcionalidad Hword HwordApp.dll de Hancom Office 2020 versión 11.0.0.2353. Un archivo malformado diseñado especia... • https://blog.talosintelligence.com/2022/02/vuln-spotlight-.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •