CVE-2016-4296

Published on: 01/06/2017 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:26:57 PM UTC

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Certain versions of Hancom Office 2014 from Hancom contain the following vulnerability:

When opening a Hangul Hcell Document (.cell) and processing a record that uses the CSSValFormat object, Hancom Office 2014 will search for an underscore ("_") character at the end of the string and write a null terminator after it. If the character is at the very end of the string, the application will mistakenly write the null-byte outside the bounds of its destination. This can result in heap corruption that can lead code execution under the context of the application

  • CVE-2016-4296 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.
  • Affected Vendor/Software: Hancom - Hancom Office version 2014 VP Trial HCell.exe Product version: 9.1.0.2176, HCellApp.dll Product version: 9.1.0.2176 HCellBook.dll Product version: 9.1.0.2176

CVSS3 Score: 7.8 - HIGH

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
LOCAL LOW NONE REQUIRED
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED HIGH HIGH HIGH

CVSS2 Score: 6.8 - MEDIUM

Access
Vector
Access
Complexity
Authentication
NETWORK MEDIUM NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
PARTIAL PARTIAL PARTIAL

CVE References

Description Tags Link
Cisco Talos - Talos 2016 0151 Exploit
Technical Description
Third Party Advisory
VDB Entry
www.talosintelligence.com
text/html
URL Logo MISC www.talosintelligence.com/reports/TALOS-2016-0151/
Malformed Request cve.report (archive)
text/html
URL Logo BID 92327

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationHancomHancom Office 2014AllAllAllAll
  • cpe:2.3:a:hancom:hancom_office_2014:*:*:*:*:*:*:*:*: