VID | 50252 |
Severity | 30 |
Port | 139,445 |
Protocol | TCP |
Class | SMB |
Detailed Description |
The version of Hancom Office 2014 installed on the remote host is 9.1.0.2176 or earlier. When opening a Hangul HShow Document (.hpt) and processing a structure within the document, Hancom Office 2014 attempts to allocate space for a list of elements using a length taken from the file. An integer overflow can be triggered when this length is calculated, which leaves the buffer undersized when the application copies file data into the object containing the structure. This allows contiguous data in the heap to be overwritten, which can lead to code execution in the context of the application.
* Note: This check requires an account with administrative privileges that can log into the host being scanned. If these conditions are not met, the check is not performed, resulting in a false negative for all vulnerable hosts.
* References: http://www.talosintelligence.com/reports/TALOS-2016-0144/
* Platforms Affected: Hancom Office 2014 versions 9.1.0.2176 and earlier; Microsoft Windows, any version |
Recommendation |
Update to the latest version as described on the vendor's website: https://www.hancom.com/cs_center/csDownload.do |
Related URL |
CVE-2016-4298 (CVE) |
|