CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-13545
https://notcve.org/view.php?id=CVE-2020-13545
06 Jan 2021 — An exploitable signed conversion vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021’s TextMaker application. A specially crafted document can cause the document parser to miscalculate a length used to allocate a buffer, later upon usage of this buffer the application will write outside its bounds resulting in a heap-based memory corruption. An attacker can entice the victim to open a document to trigger this vulnerability. Una vulnerabilidad de conversión firmada e... • https://talosintelligence.com/vulnerability_reports/TALOS-2020-1162 • CWE-196: Unsigned to Signed Conversion Error CWE-681: Incorrect Conversion between Numeric Types CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-13544
https://notcve.org/view.php?id=CVE-2020-13544
06 Jan 2021 — An exploitable sign extension vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021’s TextMaker application. A specially crafted document can cause the document parser to sign-extend a length used to terminate a loop, which can later result in the loop’s index being used to write outside the bounds of a heap buffer during the reading of file data. An attacker can entice the victim to open a document to trigger this vulnerability. Una vulnerabilidad de extensión de fir... • https://talosintelligence.com/vulnerability_reports/TALOS-2020-1161 • CWE-194: Unexpected Sign Extension CWE-681: Incorrect Conversion between Numeric Types •