CVE-2015-2810
Last modified
CVE-2015-2810 is a vulnerability of currently unknown severity. Integer overflow in the HwpApp::CHncSDS_Manager function in Hancom Office HanWord processor, as used in Hwp 2014 VP before 9.1.0.2342, HanWord Viewer 2007 and Viewer 2010 8.5.6.1158, and HwpViewer 2014 VP 9.1.0.2186, allows remote attackers to cause a denial of service (crash) and possibly "influence the program's execution flow" via a document with a large paragraph size, which triggers heap corruption.. EPSS estimates a 2.31% chance of exploitation in the next 30 days.
Description
Integer overflow in the HwpApp::CHncSDS_Manager function in Hancom Office HanWord processor, as used in Hwp 2014 VP before 9.1.0.2342, HanWord Viewer 2007 and Viewer 2010 8.5.6.1158, and HwpViewer 2014 VP 9.1.0.2186, allows remote attackers to cause a denial of service (crash) and possibly "influence the program's execution flow" via a document with a large paragraph size, which triggers heap corruption.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Hancom | Hanword Viewer 2007 | All versions |
| Hancom | Hanword Viewer 2010 | 8.5.6.1158 |
| Hancom | Hwp 2014 | <= 9.1.0.2342 |
| Hancom | Hwpviewer 2014 | 9.1.0.2186 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2015-2810?
How severe is CVE-2015-2810?
How do I fix CVE-2015-2810?
Are you affected by CVE-2015-2810?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST