Security Advisory

CVE-2018-6390

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-01-29 19:00:00

Last updated 2024-09-17 03:42:45

Assigner mitre

State PUBLISHED

Description

The WStr::assign function in kso.dll in Kingsoft WPS Office 10.1.0.7106 and 10.2.0.5978 does not validate the size of the source memory block before an _copy call, which allows remote attackers to cause a denial of service (access violation and application crash) via a crafted (a) web page, (b) office document, or (c) .rtf file.

← Browse all CVEs View on cve.org ↗