Vulnerabilities > Hancom
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-12 | CVE-2023-40250 | Classic Buffer Overflow vulnerability in Hancom Hcell 12.0.0.893 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Hancom HCell on Windows allows Overflow Buffers.This issue affects HCell: 12.0.0.893. | 8.8 |
| 2023-09-27 | CVE-2023-32541 | Use After Free vulnerability in Hancom Office 2020 11.0.0.7520 A use-after-free vulnerability exists in the footerr functionality of Hancom Office 2020 HWord 11.0.0.7520. | 7.8 |
| 2022-10-07 | CVE-2022-33896 | Buffer Underflow vulnerability in Hancom Office 2020 11.0.0.5357 A buffer underflow vulnerability exists in the way Hword of Hancom Office 2020 version 11.0.0.5357 parses XML-based office files. | 7.8 |
| 2022-02-16 | CVE-2021-21958 | Out-of-bounds Write vulnerability in Hancom Office 2020 11.0.0.2353 A heap-based buffer overflow vulnerability exists in the Hword HwordApp.dll functionality of Hancom Office 2020 11.0.0.2353. | 6.8 |
| 2021-11-22 | CVE-2020-7882 | Path Traversal vulnerability in Hancom Anysign4Pc 1.1.1.0/1.1.2.6/1.1.2.7 Using the parameter of getPFXFolderList function, attackers can see the information of authorization certification and delete the files. | 6.4 |
| 2020-03-19 | CVE-2019-16338 | Use After Free vulnerability in Hancom Office NEO 9.6.1.7634 The tfo_common component in HwordApp.dll in Hancom Office 9.6.1.7634 allows a use-after-free via a crafted .docx file. | 6.8 |
| 2020-03-19 | CVE-2019-16337 | Use After Free vulnerability in Hancom Office NEO 9.6.1.9403 The hncbd90 component in Hancom Office 9.6.1.9403 allows a use-after-free via an unknown object in a crafted .docx file. | 6.8 |
| 2018-12-21 | CVE-2018-5201 | Out-of-bounds Write vulnerability in Hancom products Hancom Office 2018 10.0.0.8214 and earlier, Hancom Office NEO 9.6.1.10472 and earlier, Hancom Office 2014 9.1.1.4540 and earlier, Hancom Office 2010 8.5.8.1724 and earlier versions have a heap overflow vulnerability when handling Compound File in document. | 4.3 |
| 2018-01-17 | CVE-2018-5195 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hancom Thinkfree Office NEO Hancom NEO versions 9.6.1.5183 and earlier have a buffer Overflow vulnerability that leads remote attackers to execute arbitrary commands when performing the hyperlink Attributes in document. | 7.5 |
| 2017-07-25 | CVE-2015-6585 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hancom Hangul Word Processor 2014 hwpapp.dll in Hangul Word Processor allows remote attackers to execute arbitrary code via a crafted heap spray, and by leveraging a "type confusion" via an HWPX file containing a crafted para text tag. | 6.8 |