The WStr::assign function in kso.dll in Kingsoft WPS Office 10.1.0.7106 and 10.2.0.5978 does not validate the size of the source memory block before an _copy call, which allows remote malicious users to cause a denial of service (access violation and application crash) via a crafted (a) web page, (b) office document, or (c) .rtf file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wps wps office 10.1.0.7106 |
||
wps wps office 10.2.0.5978 |