Kingsoft Office Writer 2007/2010 CVE-2013-0710 Remote Buffer Overflow Vulnerability
BID:58235
Info
Kingsoft Office Writer 2007/2010 CVE-2013-0710 Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 58235 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2013-0710 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 01 2013 12:00AM |
| Updated: | Mar 01 2013 12:00AM |
| Credit: | Yuji Ukai |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
Kingsoft Office Writer 2007/2010 CVE-2013-0710 Remote Buffer Overflow Vulnerability
Kingsoft Office Writer 2007 and 2010 are prone to a remote buffer-overflow vulnerability because it fails to properly validate user-supplied input before copying it into a fixed-length buffer.
Attackers can exploit this issue to execute arbitrary code in the context of the application. Failed attacks may cause a denial-of-service condition.
Versions prior to Kingsoft Office Writer 2007 and 2010 2724 are vulnerable.
Kingsoft Office Writer 2007 and 2010 are prone to a remote buffer-overflow vulnerability because it fails to properly validate user-supplied input before copying it into a fixed-length buffer.
Attackers can exploit this issue to execute arbitrary code in the context of the application. Failed attacks may cause a denial-of-service condition.
Versions prior to Kingsoft Office Writer 2007 and 2010 2724 are vulnerable.
Exploit / POC
Kingsoft Office Writer 2007/2010 CVE-2013-0710 Remote Buffer Overflow Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Kingsoft Office Writer 2007/2010 CVE-2013-0710 Remote Buffer Overflow Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Kingsoft Office Writer 2007/2010 CVE-2013-0710 Remote Buffer Overflow Vulnerability
References:
References:
- Buffer overflow vulnerability in Kingsoft Writer 2007/2010 (KINGSOFT, INC)
- Kingsoft Office Home Page (KINGSOFT, INC)
- JVN#55924624 Kingsoft Writer vulnerable to buffer overflow (JPCERT)
- JVNDB-2013-000016 Kingsoft Writer vulnerable to buffer overflow (JPCERT)