VDB-169187 · CVE-2020-13586 · TALOS-2020-1197

SoftMaker Office 2021 Revision 1014 PlanMaker heap-based overflow

A vulnerability was found in SoftMaker Office 2021 Revision 1014 and classified as critical. This issue affects an unknown code of the component PlanMaker. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field	02/04/2021 06:45 PM	02/23/2021 02:11 PM
vendor	SoftMaker	SoftMaker
name	Office	Office
version	2021 Revision 1014	2021 Revision 1014
component	PlanMaker	PlanMaker
cwe	122 (memory corruption)	122 (memory corruption)
risk	2	2
cvss3_vuldb_av	N	N
cvss3_vuldb_ac	L	L
cvss3_vuldb_pr	N	N
cvss3_vuldb_ui	R	R
cvss3_vuldb_s	U	U
cvss3_vuldb_c	L	L
cvss3_vuldb_i	L	L
cvss3_vuldb_a	L	L
identifier	TALOS-2020-1197	TALOS-2020-1197
url	https://talosintelligence.com/vulnerability_reports/TALOS-2020-1197	https://talosintelligence.com/vulnerability_reports/TALOS-2020-1197
cve	CVE-2020-13586	CVE-2020-13586
date	1612393200 (02/04/2021)	1612393200 (02/04/2021)
cvss2_vuldb_av	N	N
cvss2_vuldb_ac	L	L
cvss2_vuldb_au	N	N
cvss2_vuldb_ci	P	P
cvss2_vuldb_ii	P	P
cvss2_vuldb_ai	P	P
cvss2_vuldb_e	ND	ND
cvss2_vuldb_rl	ND	ND
cvss2_vuldb_rc	ND	ND
cvss3_vuldb_e	X	X
cvss3_vuldb_rl	X	X
cvss3_vuldb_rc	X	X
cvss2_vuldb_basescore	7.5	7.5
cvss2_vuldb_tempscore	7.5	7.5
cvss3_vuldb_basescore	6.3	6.3
cvss3_vuldb_tempscore	6.3	6.3
cvss3_meta_basescore	6.3	6.3
cvss3_meta_tempscore	6.3	6.3
price_0day	$0-$5k	$0-$5k
cve_assigned		1590444000
cve_nvd_summary		A memory corruption vulnerability exists in the Excel Document SST Record 0x00fc functionality of SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014). A specially crafted malformed file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!