CVE-2023-32541
published 2023-09-27CVE-2023-32541: A use-after-free vulnerability exists in the footerr functionality of Hancom Office 2020 HWord 11.0.0.7520. A specially crafted .doc file can lead to a…
PriorityP339high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
EPSS
0.66%
46.7th percentile
A use-after-free vulnerability exists in the footerr functionality of Hancom Office 2020 HWord 11.0.0.7520. A specially crafted .doc file can lead to a use-after-free. An attacker can trick a user into opening a malformed file to trigger this vulnerability.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hancom | hancom_office_2020 | — | — |
| hancom | hancom_office_2020 | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Talos
10 new vulnerabilities disclosed by Talos, including use-after-free issue in Google Chrome
blogs_talos·2023-09-27·CVSS 8.1
[HIGH] 10 new vulnerabilities disclosed by Talos, including use-after-free issue in Google Chrome
## 10 new vulnerabilities disclosed by Talos, including use-after-free issue in Google Chrome
Cisco Talos disclosed 10 vulnerabilities over the past two weeks affecting a range of software, including the popular Google Chrome web browser.
Attackers could exploit these vulnerabilities to carry out a variety of attacks, in some cases gaining the ability to execute remote code on the targeted machine.
Four of the vulnerabilities included in today’s Vulnerability Roundup that affect the Accusoft ImageGear development toolkit have a CVSS severity score of 9.8 out of a possible 10.
For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org , and our latest Vulnerability Advisories are always posted on Talos Intelligence’s websit
Talos
10 new vulnerabilities disclosed by Talos, including use-after-free issue in Google Chrome
blogs_talos·2023-09-27·CVSS 8.1
[HIGH] 10 new vulnerabilities disclosed by Talos, including use-after-free issue in Google Chrome
Cisco Talos disclosed 10 vulnerabilities over the past two weeks affecting a range of software, including the popular Google Chrome web browser.
Attackers could exploit these vulnerabilities to carry out a variety of attacks, in some cases gaining the ability to execute remote code on the targeted machine.
Four of the vulnerabilities included in today’s Vulnerability Roundup that affect the Accusoft ImageGear development toolkit have a CVSS severity score of 9.8 out of a possible 10.
For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our latest Vulnerability Advisories are always posted on Talos Intelligence’s website.
## Use-after-free vulnerability in Google Chrome web browser
TALOS-2023-1751 (CVE-2023-3421
2023-09-27
Published