Heap-based Buffer Overflow in Hancom Office 2014 VP Allows Remote Code Execution via Crafted .cell File

Heap-based Buffer Overflow in Hancom Office 2014 VP Allows Remote Code Execution via Crafted .cell File

CVE-2016-4293 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Multiple heap-based buffer overflows in the (1) CBookBase::SetDefTableStyle and (2) CBookBase::SetDefPivotStyle functions in Hancom Office 2014 VP allow remote attackers to execute arbitrary code via a crafted Hangul Hcell Document (.cell) file.

Learn more about our Cis Benchmark Audit For Microsoft Office.