CVE-2018-4039
HIGHAtlantis Word Processor 3.2.7.2 - Out-of-bounds Write via PNG Implementation
Title source: llmDescription
An exploitable out-of-bounds write vulnerability exists in the PNG implementation of Atlantis Word Processor, version 3.2.7.2. This can allow an attacker to corrupt memory, which can result in code execution under the context of the application. An attacker must convince a victim to open a specially crafted document in order to trigger this vulnerability.
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://talosintelligence.com/vulnerability_reports/TALOS-2018-0712
Scores
CVSS v3
7.8
EPSS
0.0143
EPSS Percentile
69.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-787
Status
published
Products (1)
atlantiswordprocessor/atlantis_word_processor
3.2.7.2
Published
Dec 01, 2018
Tracked Since
Feb 18, 2026