| VID |
50251 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The version of Hancom Office 2010 SE installed on the remote host is a version 8.5.8 and earlier. Buffer overflow in Hancom Office 2010 SE allows remote attackers to execute arbitrary via a long string in the Text attribute in a TEXTART XML element in an HML file.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these conditions will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
https://vuldb.com/?id.73559
https://www.exploit-db.com/exploits/38910
* Platforms Affected:
Hancom Office 2010 SE versions 8.5.8 and earlier.
Microsoft Windows Any version |
| Recommendation |
Update to the latest version according to the information provided on the website.
https://www.hancom.com/cs_center/csDownload.do |
| Related URL |
CVE-2013-7420 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
