Hancom Office – ‘.hml’ File Processing Heap Buffer Overflow

Exploit Database
25 阅读

作者： diroverflow

日期： 2013-12-19
类别：
- remote
平台：
- windows
来源：https://www.exploit-db.com/exploits/38910/

source: https://www.securityfocus.com/bid/64499/info

Hancom Office is prone to a remote heap-based buffer-overflow vulnerability.

An attacker can exploit this issue by enticing an unsuspecting victim to open a malicious '.hml' document file.

Successful exploits will result in the execution of arbitrary code in the context of the affected application. Failed exploit attempts may result in a denial-of-service condition.

Hancom Office 2010 SE 8.5.8 is vulnerable; Other versions may also be affected. 

<TEXTART Text="AAAAAAAA...(more than 500 bytes)" X0="0" X1="14173" X2="14173" X3="0" Y0="0" Y1="0" Y2="14173" Y3="14173">

last Exploits
Hancom Office – ‘.hml’ File Processing Heap Buffer Overflow的更多信息

Endian Firewall 2.4 – ‘dansguardian.cgi?addrule’ Cross-Site Scripting：
Electron WebPreferences – Remote Code Execution：
Motorola Surfboard Cable Modem – Directory Traversal：
Microsoft Internet Explorer – Time Element Memory Corruption (MS11-050)：
GNU Bash – ‘Shellshock’ Environment Variable Command Injection：
ManageEngine Applications Manager – (Authenticated) Code Execution (Metasploit)：
VMware vSphere Data Protection 5.x/6.x – Java Deserialization：
Auerswald COMpact 8.0B – Privilege Escalation：