7.5
CVE-2015-2810
- EPSS 1.62%
- Veröffentlicht 15.05.2015 22:59:00
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginInteger overflow in the HwpApp::CHncSDS_Manager function in Hancom Office HanWord processor, as used in Hwp 2014 VP before 9.1.0.2342, HanWord Viewer 2007 and Viewer 2010 8.5.6.1158, and HwpViewer 2014 VP 9.1.0.2186, allows remote attackers to cause a denial of service (crash) and possibly "influence the program's execution flow" via a document with a large paragraph size, which triggers heap corruption.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Hancom ≫ Hanword Viewer 2010 Version8.5.6.1158
Hancom ≫ Hwpviewer 2014 Version9.1.0.2186
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.62% | 0.801 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|