HIGH🇬🇧 English

CVE-2015-6585

CVSS 7.8v3.0pub. 2017-07-25upd. 2026-05-13

hwpapp.dll in Hangul Word Processor allows remote attackers to execute arbitrary code via a crafted heap spray, and by leveraging a "type confusion" via an HWPX file containing a crafted para text tag.

oryginał EN
CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Hancom Hangul Word Processor

    APP
    Hancom
    2014
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2017-2819HIGH8.8ten sam produkt

An exploitable heap-based buffer overflow exists in the Hangul Word Processor component (version 9.6.1.4350) o...

CVE-2018-5195CRITICAL9.8ten sam vendor

Hancom NEO versions 9.6.1.5183 and earlier have a buffer Overflow vulnerability that leads remote attackers to...

CVE-2023-50234HIGH7.8ten sam vendor

Hancom Office Cell XLS File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vuln...

CVE-2023-50235HIGH7.8ten sam vendor

Hancom Office Show PPT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vuln...

CVE-2023-51598HIGH8.8ten sam vendor

Hancom Office Word DOC File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability all...