CVE-2020-13545

{"id": "CVE-2020-13545", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Secondary", "source": "talos-cna@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2021-01-06T15:15:14.397", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1162", "tags": ["Exploit", "Third Party Advisory"], "source": "talos-cna@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-681"}, {"lang": "en", "value": "CWE-787"}]}, {"type": "Secondary", "source": "talos-cna@cisco.com", "description": [{"lang": "en", "value": "CWE-196"}]}], "descriptions": [{"lang": "en", "value": "An exploitable signed conversion vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021\u2019s TextMaker application. A specially crafted document can cause the document parser to miscalculate a length used to allocate a buffer, later upon usage of this buffer the application will write outside its bounds resulting in a heap-based memory corruption. An attacker can entice the victim to open a document to trigger this vulnerability."}, {"lang": "es", "value": "Una vulnerabilidad de conversi\u00f3n firmada explotable en la funcionalidad de an\u00e1lisis de documentos de TextMaker de la aplicaci\u00f3n TextMaker de SoftMaker Office 2021. Un documento especialmente dise\u00f1ado puede hacer que el analizador de documentos calcule inapropiadamente una longitud usada para asignar un b\u00fafer; m\u00e1s adelante, tras usar este b\u00fafer, la aplicaci\u00f3n escribir\u00e1 fuera de sus l\u00edmites, resultando en una corrupci\u00f3n de la memoria de la regi\u00f3n heap. Un atacante puede atraer a la v\u00edctima para que abra un documento para desencadenar esta vulnerabilidad"}], "lastModified": "2022-06-07T18:37:43.567", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:softmaker:softmaker_office:2021:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "845F9D8E-FCC5-48AE-8B74-9BB12E216751"}], "operator": "OR"}]}], "sourceIdentifier": "talos-cna@cisco.com"}