Buffer overflow in Atlantis Word Processor - CVE-2018-4001

 


Published: October 1, 2018 / Updated: August 8, 2020


Vulnerability identifier: #VU36596
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2018-4001
CWE-ID: CWE-119
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Atlantis Security
Affected software:
Atlantis Word Processor

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

An exploitable uninitialized pointer vulnerability exists in the Office Open XML parser of Atlantis Word Processor, version 3.2.5.0. A specially crafted document can cause an uninitialized pointer representing a TTableRow to be assigned to a variable on the stack. This variable is later dereferenced and then written to, which allows controlled heap corruption and can lead to code execution in the context of the application. An attacker must convince a victim to open a document in order to trigger this vulnerability.


How to mitigate CVE-2018-4001

Install the update from the vendor's website.
