Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 04/02/2021 Updated: 07/06/2022

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Subscribe to Planmaker 2021

An exploitable heap-based buffer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser to explicitly trust a length from a particular record type and use it to write a 16-bit null relative to a buffer allocated on the stack. Due to a lack of bounds-checking on this value, this can allow an malicious user to write to memory outside of the buffer and controllably corrupt memory. This can allow an malicious user to earn code execution under the context of the application. An attacker can entice the victim to open a document to trigger this vulnerability.

Vulnerable Product	Search on Vulmon	Subscribe to Product
softmaker planmaker 2021 1014

CWE-787 https://talosintelligence.com/vulnerability_reports/TALOS-2020-1191 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-13580

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect