CVE-2016-4296 in Office정보

요약

\~에 의해 MITRE

When opening a Hangul Hcell Document (.cell) and processing a record that uses the CSSValFormat object, Hancom Office 2014 will search for an underscore ("_") character at the end of the string and write a null terminator after it. If the character is at the very end of the string, the application will mistakenly write the null-byte outside the bounds of its destination. This can result in heap corruption that can lead code execution under the context of the application

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

예약하다

2016. 04. 27.

공개

2017. 01. 06.

모더레이션

수락

항목

VDB-95079

CPE

준비됨

CWE

CWE-119 (확인됨)

CVSS

7.8 (NVD)

EPSS

0.00527

KEV

아니요

활동

매우 낮음

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-4296
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-4296
CVE Details	https://www.cvedetails.com/cve/CVE-2016-4296/

◂ 이전 개요 다음 ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!