CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2023-7270 – Local Privilege Escalation via MSI installer
https://notcve.org/view.php?id=CVE-2023-7270
27 Jun 2024 — An issue was discovered in SoftMaker Office 2024 / NX before revision 1214 and SoftMaker FreeOffice 2014 before revision 1215. FreeOffice 2021 is also affected, but won't be fixed. The SoftMaker Office and FreeOffice MSI installer files were found to produce a visible conhost.exe window running as the SYSTEM user when using the repair function of msiexec.exe. This allows a local, low-privileged attacker to use a chain of actions, to open a fully functional cmd.exe with the privileges of the SYSTEM user. Se ... • https://packetstorm.news/files/id/179360 • CWE-266: Incorrect Privilege Assignment •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-24295
https://notcve.org/view.php?id=CVE-2023-24295
23 Mar 2023 — A stack overfow in SoftMaker Software GmbH FlexiPDF v3.0.3.0 allows attackers to execute arbitrary code after opening a crafted PDF file. • https://www.sit.fraunhofer.de/CVE-2023-24295 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-28587
https://notcve.org/view.php?id=CVE-2020-28587
23 Feb 2021 — A specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which will cause a heap-based buffer overflow. An attacker can entice the victim to open a document to trigger this vulnerability. This affects SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014). Un documento especialmente diseñado puede causar que el analizador de documentos copie datos de un t... • https://talosintelligence.com/vulnerability_reports/TALOS-2020-1210 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-27250
https://notcve.org/view.php?id=CVE-2020-27250
10 Feb 2021 — In SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014), a specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which will cause a heap-based buffer overflow at Version/Instance 0x0005 and 0x0016. An attacker can entice the victim to open a document to trigger this vulnerability. En SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revisión 101... • https://talosintelligence.com/vulnerability_reports/TALOS-2020-1210 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-13581
https://notcve.org/view.php?id=CVE-2020-13581
10 Feb 2021 — In SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014), a specially crafted document can cause the document parser to copy data from a particular record type into a buffer that is smaller than the size used for the copy which will cause a heap-based buffer overflow. An attacker can entice the victim to open a document to trigger this vulnerability. En SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revisión 1014), un documento especialmente diseñado puede hacer al analizador de ... • https://talosintelligence.com/vulnerability_reports/TALOS-2020-1192 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-13546
https://notcve.org/view.php?id=CVE-2020-13546
10 Feb 2021 — In SoftMaker Software GmbH SoftMaker Office TextMaker 2021 (revision 1014), a specially crafted document can cause the document parser to miscalculate a length used to allocate a buffer, later upon usage of this buffer the application will write outside its bounds resulting in a heap-based buffer overflow. An attacker can entice the victim to open a document to trigger this vulnerability. En SoftMaker Software GmbH SoftMaker Office TextMaker 2021 (revisión 1014), un documento especialmente diseñado puede ca... • https://talosintelligence.com/vulnerability_reports/TALOS-2020-1163 • CWE-131: Incorrect Calculation of Buffer Size CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-13586
https://notcve.org/view.php?id=CVE-2020-13586
04 Feb 2021 — A memory corruption vulnerability exists in the Excel Document SST Record 0x00fc functionality of SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014). A specially crafted malformed file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. Se presenta una vulnerabilidad de corrupción de la memoria en la funcionalidad Excel Document SST Record 0x00fc de SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revisión 1014). Un ar... • https://talosintelligence.com/vulnerability_reports/TALOS-2020-1197 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-27249
https://notcve.org/view.php?id=CVE-2020-27249
04 Feb 2021 — A specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which will cause a heap-based buffer overflow. In version/Instance 0x0004 and 0x0015, an attacker can entice the victim to open a document to trigger this vulnerability. This affects SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014). Un documento especialmente diseñado puede hacer que el analiz... • https://talosintelligence.com/vulnerability_reports/TALOS-2020-1210 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-27248
https://notcve.org/view.php?id=CVE-2020-27248
04 Feb 2021 — A specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which will cause a heap-based buffer overflow. In version/Instance 0x0003 and 0x0014, an attacker can entice the victim to open a document to trigger this vulnerability. This affects SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014). Un documento especialmente diseñado puede hacer que el analiz... • https://talosintelligence.com/vulnerability_reports/TALOS-2020-1210 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-27247
https://notcve.org/view.php?id=CVE-2020-27247
04 Feb 2021 — A specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which will cause a heap-based buffer overflow. In version/Instance 0x0002, an attacker can entice the victim to open a document to trigger this vulnerability. This affects SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014). Un documento especialmente diseñado puede hacer que el analizador de doc... • https://talosintelligence.com/vulnerability_reports/TALOS-2020-1210 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •