CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2018-5195
https://notcve.org/view.php?id=CVE-2018-5195
17 Jan 2018 — Hancom NEO versions 9.6.1.5183 and earlier have a buffer Overflow vulnerability that leads remote attackers to execute arbitrary commands when performing the hyperlink Attributes in document. Las versiones 9.6.1.5183 y anteriores de Hancom NEO tienen una vulnerabilidad de desbordamiento de búfer que conduce a que atacantes remotos ejecuten comandos arbitrarios al ejecutar los atributos hyperlink en el documento. • http://help.hancom.com/cve/hoffice/en-US/CVE_en_050_01.htm • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2017-2819
https://notcve.org/view.php?id=CVE-2017-2819
24 May 2017 — An exploitable heap-based buffer overflow exists in the Hangul Word Processor component (version 9.6.1.4350) of Hancom Thinkfree Office NEO 9.6.1.4902. A specially crafted document stream can cause an integer underflow resulting in a buffer overflow which can lead to code execution under the context of the application. An attacker can entice a user to open up a document in order to trigger this vulnerability. Existe un desbordamiento de búfer en la región heap de la memoria explotable en el componente Hangu... • https://talosintelligence.com/vulnerability_reports/TALOS-2017-0320 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •