Stack-based Buffer Overflow in Kingsoft Writer 2012 Affects Kingsoft Office Suite
CVE-2013-3934

Currently unrated

Key Information:

Vendor: Kingsoft
Status: Office 2012; Writer 2012
Vendor: CVE Published:; 10 September 2013

What is CVE-2013-3934?

A stack-based buffer overflow vulnerability exists in Kingsoft Writer 2012 that can be exploited by remote attackers. The flaw arises when the software handles excessively long font names within WPS files, potentially allowing an attacker to execute arbitrary code on the target system. This issue is particularly concerning as it affects multiple versions of Kingsoft Office, making countless users vulnerable to runtime exploits through crafted files.

References

http://secunia.com/advisories/53266

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/61796

vdb-entryx_refsource_BID

http://www.securitytracker.com/id/1028920

vdb-entryx_refsource_SECTRACK

EPSS Score

43% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 10, 2013