Description
Hancom NEO versions 9.6.1.5183 and earlier have a buffer Overflow vulnerability that leads remote attackers to execute arbitrary commands when performing the hyperlink Attributes in document.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry x_refsource_misc
https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=26983
Vendor Advisory x_refsource_confirm
http://help.hancom.com/cve/hoffice/en-US/CVE_en_050_01.htm
Scores
CVSS v3
9.8
EPSS
0.0260
EPSS Percentile
83.4%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-119
Status
published
Products (1)
hancom/thinkfree_office_neo
< 9.6.1.5183
Published
Jan 17, 2018
Tracked Since
Feb 18, 2026