Hancom : Security Vulnerabilities, CVEs, CVSS score >= 9
Using the parameter of getPFXFolderList function, attackers can see the information of authorization certification and delete the files. It occurs because the parameter contains path traversal characters(ie. '../../../')
Max CVSS
9.1
EPSS Score
0.16%
Published
2021-11-22
Updated
2021-11-26
Hancom NEO versions 9.6.1.5183 and earlier have a buffer Overflow vulnerability that leads remote attackers to execute arbitrary commands when performing the hyperlink Attributes in document.
Max CVSS
9.8
EPSS Score
0.31%
Published
2018-01-17
Updated
2018-02-02
Multiple integer overflows in Hancom Office 2010 SE 8.5.5 allow remote attackers to execute arbitrary code via large dimension values in a (1) JPG image to the ImportGR in the JPG image filter module (HncJpeg10.flt) or (2) PNG image to the PNG image filter module (HncPng10.flt), which triggers a heap-based buffer overflow.
Max CVSS
9.3
EPSS Score
6.46%
Published
2012-02-24
Updated
2017-08-29
3 vulnerabilities found