Vulnerabilities (CVE)

Filtered by vendor Softmaker Subscribe
Filtered by product Softmaker Office
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-13545 1 Softmaker 1 Softmaker Office 2024-11-21 6.8 MEDIUM 7.8 HIGH
An exploitable signed conversion vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021’s TextMaker application. A specially crafted document can cause the document parser to miscalculate a length used to allocate a buffer, later upon usage of this buffer the application will write outside its bounds resulting in a heap-based memory corruption. An attacker can entice the victim to open a document to trigger this vulnerability.
CVE-2020-13544 1 Softmaker 1 Softmaker Office 2024-11-21 6.8 MEDIUM 7.8 HIGH
An exploitable sign extension vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021’s TextMaker application. A specially crafted document can cause the document parser to sign-extend a length used to terminate a loop, which can later result in the loop’s index being used to write outside the bounds of a heap buffer during the reading of file data. An attacker can entice the victim to open a document to trigger this vulnerability.