CVE-2020-27250

February 17, 2021

In SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014), a specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which will cause a heap-based buffer overflow at Version/Instance 0x0005 and 0x0016. An attacker can entice the victim to open a document to trigger this vulnerability.

Summary:

In SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014), a specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which will cause a heap-based buffer overflow at Version/Instance 0x0005 and 0x0016. An attacker can entice the victim to open a document to trigger this vulnerability.

Reference Links(if available):

  • https://talosintelligence.com/vulnerability_reports/TALOS-2020-1210

  • CVSS Score (if available)

    v2: / MEDIUM

    v3: /

    Links to Exploits(if available)

  • Tags: , , , ,

    You may have missed

    Sliver C2

    Sliver C2 Detected – 168[.]138[.]179[.]33:31337

    May 8, 2024
    Sliver C2

    Sliver C2 Detected – 170[.]64[.]249[.]50:31337

    May 8, 2024
    alerts

    Critical Vulnerability in Tinyproxy Instances

    May 8, 2024
    image 6

    INC Ransom Ransomware Victim: Pifer’s Auction & Realty

    May 8, 2024
    image 6

    INC Ransom Ransomware Victim: It4 Solutions Robras Corp

    May 8, 2024