Vulnerabilities > CVE-2020-28587 - Out-of-bounds Write vulnerability in Softmaker Planmaker 2021 1014

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
softmaker
CWE-787

Summary

A specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which will cause a heap-based buffer overflow. An attacker can entice the victim to open a document to trigger this vulnerability. This affects SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014).

Vulnerable Configurations

Part Description Count
Application
Softmaker
1

Common Weakness Enumeration (CWE)