Summaryinfo

A vulnerability classified as problematic was found in Corel WordPerfect 2020 20.0.0.200. This vulnerability affects unknown code in the library Word97Import200.dll of the component DOC File Handler. The manipulation leads to out-of-bounds. This vulnerability was named CVE-2021-38108. The attack can be initiated remotely. There is no exploit available. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Detailsinfo

A vulnerability classified as problematic has been found in Corel WordPerfect 2020 20.0.0.200 (Word Processing Software). This affects some unknown processing in the library Word97Import200.dll of the component DOC File Handler. The manipulation with an unknown input leads to a out-of-bounds vulnerability. CWE is classifying the issue as CWE-125. The product reads data past the end, or before the beginning, of the intended buffer. This is going to have an impact on confidentiality.

The weakness was published 10/02/2021. It is possible to read the advisory at fortinet.com. This vulnerability is uniquely identified as CVE-2021-38108 since 08/04/2021. It demands that the victim is doing some kind of user interaction. Technical details of the vulnerability are known, but there is no available exploit.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Productinfo

Type

• Word Processing Software

Vendor

• Corel

Name

• WordPerfect

Version

• 2020 20.0.0.200

License

• commercial

CPE 2.3info

• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion