Vulnerabilities > CVE-2018-6400 - Unspecified vulnerability in Kingsoftstore WPS Office Free 10.2.0.5978
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Kingsoft WPS Office Free 10.2.0.5978 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of \\.\pipe\WPSCloudSvr\WpsCloudSvr -- an "insecurely created named pipe." Ensures full access to Everyone users group.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Packetstorm
data source | https://packetstormsecurity.com/files/download/146709/TSI-ADV162018.txt |
id | PACKETSTORM:146709 |
last seen | 2018-03-23 |
published | 2018-03-08 |
reporter | Felipe Xavier Oliveira |
source | https://packetstormsecurity.com/files/146709/WPS-Free-Office-10.2.0.5978-NULL-DACL-Grants-Full-Access.html |
title | WPS Free Office 10.2.0.5978 NULL DACL Grants Full Access |