Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2015-6585

Published: 25/07/2017 Updated: 10/08/2017
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

hwpapp.dll in Hangul Word Processor allows remote malicious users to execute arbitrary code via a crafted heap spray, and by leveraging a "type confusion" via an HWPX file containing a crafted para text tag.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

hancom hangul word processor 2014

Recent Articles

Operation Blockbuster revealed
Securelist • Juan Andrés Guerrero-Saade Costin Raiu GReAT • 24 Feb 2016

Kaspersky Lab has joined industry alliance driven by Novetta to announce Operation Blockbuster. Just like the previous Operation SMN, this alliance brings together key players in the IT security industry, working together in an effort to disrupt and neutralize multiple cyberespionage campaigns that have been active for several years. Some of the targets of these campaigns included financial institutions, media houses and manufacturing companies, among others. In the past, we published our resear...

Read more...
North Korea exploits 0-day in Seoul's favourite word processor
The Register • Darren Pauli • 10 Sep 2015

'Macktruck' attack network sends in the 'Hangman'

FireEye researchers Genwei Jiang and Josiah Kimble say attackers from North Korea exploited a zero day vulnerability in a word processor popular with the South Korea's government. The attackers went after the vulnerability (CVE-2015-6585) in the Hangul Word Processor prior to a patch issued last Monday. Accurate attribution of North Korean actors is inherently difficult, however Jiang and Kimble say the attack payloads and infrastructure strongly point to the North. There is no suggestion of Pyo...

Read more...

References

CWE-119https://www.fireeye.com/content/dam/fireeye-www/global/en/blog/threat-research/FireEye_HWP_ZeroDay.pdfhttps://www.fireeye.com/blog/threat-research/2015/09/zero-day_hwp_exploit.htmlhttp://www.securityfocus.com/bid/76694http://www.hancom.com/cs_center/csDownload.dohttps://nvd.nist.govhttps://www.theregister.co.uk/2015/09/10/north_korea_exploits_zero_day_in_seouls_favourite_word_doc/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-35229privilege escalationlocal usersCVE-2024-5405CVE-2024-27842CVE-2024-5274CVE-2024-5378CVE-2024-34152hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook