Vulnerabilities > WPS > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-29 | CVE-2018-6390 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in WPS Office 10.1.0.7106/10.2.0.5978 The WStr::assign function in kso.dll in Kingsoft WPS Office 10.1.0.7106 and 10.2.0.5978 does not validate the size of the source memory block before an _copy call, which allows remote attackers to cause a denial of service (access violation and application crash) via a crafted (a) web page, (b) office document, or (c) .rtf file. | 6.5 |