Softmaker Office
Vulnerabilities
2
Known exploited
0
Max CVSS
7.8
Top EPSS
0.01581
Severity breakdown
Critical
0
High
2
Medium
0
Low
0
Also matched as (raw): softmaker_office
Top vulnerabilities
CVE-2020-13545An exploitable signed conversion vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021’s TextMaker application. A specially crafted document can cause the document parser to miscalculate a length used to allocate a buffer, later upon usage of this buffer the application will write outside its bounds resulting in a heap-based memory corruption. An attacker can entice the victim to open a document to trigger this vulnerability.
CVE-2020-13544An exploitable sign extension vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021’s TextMaker application. A specially crafted document can cause the document parser to sign-extend a length used to terminate a loop, which can later result in the loop’s index being used to write outside the bounds of a heap buffer during the reading of file data. An attacker can entice the victim to open a document to trigger this vulnerability.