CVE-2018-4039 Information

Description

An exploitable out-of-bounds write vulnerability exists in the PNG implementation of Atlantis Word Processor version 3.2.7.2. This can allow an attacker to corrupt memory which can result in code execution under the context of the application. An attacker must convince a victim to open a specially crafted document in order to trigger this vulnerability.

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Reference

https://talosintelligence.com/vulnerability_reports/TALOS-2018-0712

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

7.8