Vulnerabilities > Hancom

DATE CVE VULNERABILITY TITLE RISK
2024-01-12 CVE-2023-40250 Classic Buffer Overflow vulnerability in Hancom Hcell 12.0.0.893
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Hancom HCell on Windows allows Overflow Buffers.This issue affects HCell: 12.0.0.893.
network
low complexity
hancom CWE-120
8.8
2023-09-27 CVE-2023-32541 Use After Free vulnerability in Hancom Office 2020 11.0.0.7520
A use-after-free vulnerability exists in the footerr functionality of Hancom Office 2020 HWord 11.0.0.7520.
local
low complexity
hancom CWE-416
7.8
2022-10-07 CVE-2022-33896 Unspecified vulnerability in Hancom Office 2020 11.0.0.5357
A buffer underflow vulnerability exists in the way Hword of Hancom Office 2020 version 11.0.0.5357 parses XML-based office files.
local
low complexity
hancom
7.8
2022-02-16 CVE-2021-21958 Out-of-bounds Write vulnerability in Hancom Office 2020 11.0.0.2353
A heap-based buffer overflow vulnerability exists in the Hword HwordApp.dll functionality of Hancom Office 2020 11.0.0.2353.
local
low complexity
hancom CWE-787
7.8
2021-11-22 CVE-2020-7882 Path Traversal vulnerability in Hancom Anysign4Pc 1.1.1.0/1.1.2.6/1.1.2.7
Using the parameter of getPFXFolderList function, attackers can see the information of authorization certification and delete the files.
network
low complexity
hancom CWE-22
critical
9.1
2020-03-19 CVE-2019-16338 Use After Free vulnerability in Hancom Office NEO 9.6.1.7634
The tfo_common component in HwordApp.dll in Hancom Office 9.6.1.7634 allows a use-after-free via a crafted .docx file.
local
low complexity
hancom CWE-416
7.8
2020-03-19 CVE-2019-16337 Use After Free vulnerability in Hancom Office NEO 9.6.1.9403
The hncbd90 component in Hancom Office 9.6.1.9403 allows a use-after-free via an unknown object in a crafted .docx file.
local
low complexity
hancom CWE-416
7.8
2018-12-21 CVE-2018-5201 Out-of-bounds Write vulnerability in Hancom products
Hancom Office 2018 10.0.0.8214 and earlier, Hancom Office NEO 9.6.1.10472 and earlier, Hancom Office 2014 9.1.1.4540 and earlier, Hancom Office 2010 8.5.8.1724 and earlier versions have a heap overflow vulnerability when handling Compound File in document.
local
low complexity
hancom CWE-787
5.5
2018-01-17 CVE-2018-5195 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hancom Thinkfree Office NEO 9.6.1.4902/9.6.1.5183
Hancom NEO versions 9.6.1.5183 and earlier have a buffer Overflow vulnerability that leads remote attackers to execute arbitrary commands when performing the hyperlink Attributes in document.
network
low complexity
hancom CWE-119
critical
9.8
2017-07-25 CVE-2015-6585 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hancom Hangul Word Processor 2014
hwpapp.dll in Hangul Word Processor allows remote attackers to execute arbitrary code via a crafted heap spray, and by leveraging a "type confusion" via an HWPX file containing a crafted para text tag.
local
low complexity
hancom CWE-119
7.8