RSS   Vulnerabilities for 'Softmaker office'   RSS

2021-01-06
 
CVE-2020-13545

CWE-681
 

 
An exploitable signed conversion vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021�??s TextMaker application. A specially crafted document can cause the document parser to miscalculate a length used to allocate a buffer, later upon usage of this buffer the application will write outside its bounds resulting in a heap-based memory corruption. An attacker can entice the victim to open a document to trigger this vulnerability.

 
 
CVE-2020-13544

NVD-CWE-Other
 

 
An exploitable sign extension vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021�??s TextMaker application. A specially crafted document can cause the document parser to sign-extend a length used to terminate a loop, which can later result in the loop�??s index being used to write outside the bounds of a heap buffer during the reading of file data. An attacker can entice the victim to open a document to trigger this vulnerability.

 

 >>> Vendor: Softmaker 4 Products
Softmaker office
Planmaker 2021
Softmaker office planmaker
Office textmaker 2021


Copyright 2024, cxsecurity.com

 

Back to Top