Known Vulnerabilities for products from Kingsoft

Listed below are 15 of the newest known vulnerabilities associated with the vendor "Kingsoft".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2020-25291	GdiDrawHoriLineIAlt in Kingsoft WPS Office before 11.2.0.9403 allows remote heap corruption via a crafted PLTE chunk in PNG d...	7.8 - HIGH	2020-09-13	2020-09-17
CVE-2018-9151	A NULL pointer dereference bug in the function ObReferenceObjectByHandle in the Kingsoft Internet Security 9+ kernel driver K...	5.5 - MEDIUM	2018-03-30	2018-04-18
CVE-2018-7546	wpsmain.dll in Kingsoft WPS Office 2016 and Jinshan PDF 10.1.0.6621 allows remote attackers to cause a denial of service via ...	5.5 - MEDIUM	2018-07-18	2018-09-14
CVE-2013-5999	Kingsoft KDrive Personal before 1.21.0.1880 on Windows does not verify X.509 certificates from SSL servers, which allows man-...	5.8 - MEDIUM	2013-11-22	2014-03-05
CVE-2013-3934	Stack-based buffer overflow in Kingsoft Writer 2012 8.1.0.3030, as used in Kingsoft Office 2013 before 9.1.0.4256, allows rem...	9.3 - HIGH	2013-09-10	2013-09-10
CVE-2013-0723	Multiple heap-based buffer overflows in etxrw.dll in Kingsoft Spreadsheets 2012 8.1.0.3030 allow remote attackers to cause a ...	9.3 - HIGH	2013-07-29	2013-07-30
CVE-2013-0710	Buffer overflow in Kingsoft Writer 2007 and 2010 before 2724 allows remote attackers to execute arbitrary code via a crafted ...	9.3 - HIGH	2013-03-05	2013-03-05
CVE-2012-4886	Stack-based buffer overflow in wpsio.dll in Kingsoft WPS Office 2012 possibly 8.1.0.3238 allows remote attackers to execute a...	10 - HIGH	2014-03-24	2017-08-29
CVE-2012-0321	Unspecified vulnerability in the device driver in Kingsoft Internet Security 2011 allows local users to cause a denial of ser...	2.1 - LOW	2012-03-02	2012-03-05
CVE-2011-0515	KisKrnl.sys 2011.1.13.89 and earlier in Kingsoft AntiVirus 2011 SP5.2 allows local users to cause a denial of service (crash)...	2.1 - LOW	2011-01-20	2018-10-30
CVE-2010-5164	DISPUTED Race condition in KingSoft Personal Firewall 9 Plus 2009.05.07.70 on Windows XP allows local users to bypass k...	6.2 - MEDIUM	2012-08-25	2023-11-07
CVE-2010-3396	Buffer overflow in kavfm.sys in Kingsoft Antivirus 2010.04.26.648 and earlier allows local users to execute arbitrary code vi...	7.2 - HIGH	2010-09-15	2018-10-30
CVE-2010-2031	KAVSafe.sys 2010.4.14.609 and earlier, as used in Kingsoft Webshield 3.5.1.2 and earlier, allows local users to overwrite arb...	7.2 - HIGH	2010-05-24	2017-08-17
CVE-2008-1307	Heap-based buffer overflow in the KUpdateObj2 Class ActiveX control in UpdateOcx2.dll in Beijing KingSoft Antivirus Online Up...	10 - HIGH	2008-03-12	2017-09-29
CVE-2004-1494	Buffer overflow in the Screen Fetch option in XDICT 2002 through 2005 allows remote attackers to cause a denial of service ( ...	5 - MEDIUM	2004-12-31	2017-07-11

Known software with vulnerabilities from Kingsoft

Type	Vendor	Product	Version
Application	Kingsoft	Internet Security 9 Plus	2010.06.23.247
Application	Kingsoft	Kdrive	1.21.0.1878
Application	Kingsoft	Kingsoft Antivirus	2010.04.26.648
Application	Kingsoft	Office 2012	8.1.0.3238
Application	Kingsoft	Office 2013	9.1.0.4256
Application	Kingsoft	Personal Firewall 9	2009.05.07.70
Application	Kingsoft	Spreadsheets 2012	8.1.0.3030
Application	Kingsoft	Wps Office	-
Application	Kingsoft	Writer 2007	-
Application	Kingsoft	Writer 2010	2723
Application	Kingsoft	Writer 2012	8.1.0.3030