Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The WStr::assign function in kso.dll in Kingsoft WPS Office 10.1.0.7106 and 10.2.0.5978 does not validate the size of the source memory block before an _copy call, which allows remote attackers to cause a denial of service (access violation and application crash) via a crafted (a) web page, (b) office document, or (c) .rtf file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Kingsoft WPS Office 安全漏洞
Vulnerability Description
Kingsoft WPS Office是中国金山软件(Kingsoft)公司的一款办公软件套件,常用组件包括:Writer(文字处理)、Spreadsheets(电子表格)和Presentation(演示文稿)等。 Kingsoft WPS Office 10.1.0.7106版本和10.2.0.5978版本中的kso.dll文件的‘WStr::assign’函数存在安全漏洞,该漏洞源于程序在执行an _copy调用之前没有验证源内存块的大小。远程攻击者可借助特制的Web界面、office文档或.rtf文
CVSS Information
N/A
Vulnerability Type
N/A