A Cisco Talos team member discovered these vulnerabilities. Blog by Jon Munshaw.
Cisco Talos recently discovered multiple vulnerabilities in SoftMaker's TextMaker software. A user could trigger these vulnerabilities by opening an attacker-created, malicious document. An adversary could use these documents to create a variety of malicious conditions on the victim machine.
SoftMaker Software GmbH is a German software company that develops and releases office software. Their flagship product, SoftMaker Office, allows users to carry out multiple tasks, including word processing, spreadsheet creation, presentation design, and even allows for scripting. The SoftMaker Office suite supports a variety of common document file formats, as well as a number of internal formats that the user may choose to use when performing their necessary work. These vulnerabilities specifically exist in TextMaker, which is one portion of the SoftMaker Office suite.
In accordance with our coordinated disclosure policy, Cisco Talos worked with SoftMaker Software to disclose these vulnerabilities and ensure that an update is available.
VULNERABILITY DETAILS
SoftMaker Office TextMaker document record 0x001f sign-extension vulnerability (TALOS-2020-1161/CVE-2020-13544)
An exploitable sign extension vulnerability exists in the TextMaker document-parsing functionality of SoftMaker Office 2021's TextMaker application. A specially crafted document can cause the document parser to sign-extend a length used to terminate a loop, which can later result in the loop's index being used to write outside the bounds of a heap buffer during the reading of file data. An ..
Support the originator by clicking the read the rest link below.
