CVE-2018-4001 - An exploitable uninitialized pointer vulnerability exists in the Office Open XML parser of Atlantis

CVE-2018-4001

Summary

An exploitable uninitialized pointer vulnerability exists in the Office Open XML parser of Atlantis Word Processor, version 3.2.5.0. A specially crafted document can cause an uninitialized pointer representing a TTableRow to be assigned to a variable on the stack. This variable is later dereferenced and then written to allow for controlled heap corruption, which can lead to code execution under the context of the application. An attacker must convince a victim to open a document in order to trigger this vulnerability.

References

https://talosintelligence.com/vulnerability_reports/TALOS-2018-0669

Vulnerable Configurations

cpe:2.3:a:atlantiswordprocessor:atlantis_word_processor:3.2.5:*:*:*:*:*:*:*
cpe:2.3:a:atlantiswordprocessor:atlantis_word_processor:3.2.5:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 04-02-2023 - 01:18)
Impact:
Exploitability:

CWE

CWE-824

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

refmap via4

misc

https://talosintelligence.com/vulnerability_reports/TALOS-2018-0669

Last major update

04-02-2023 - 01:18

Published

01-10-2018 - 20:29

Last modified

04-02-2023 - 01:18