We all have heard of CISCO at one point or another. They are a large and multinational tech-company that develops and manufactures networking equipment and other services. Today, a report from Cisco Talos detailed various vulnerabilities in the Atlantis Word Processor.
The researchers, a Cory Deuplantis and Ali Rizvi-Santiago came upon the eight code vulnerabilities, some of these that could allow for code execution, and they were found through multiple versions of the software, with some of the flaws affecting other versions other than their own.
The eight vulnerabilities are as follows:
- 1. Uninitialized TDocOLeObject Code Execution Vulnerability.
- 2. Word Document Complex Piece Descriptor Table Fc.Compressed Code Execution Vulnerability:
- 3. Empty TTableRow TList Execution Vulnerability:
- 4. Document Endnote Reference Code Execution Vulnerability:
- 5. Uninitialized Length Vulnerability:
- 6. Windows Enhanced Metafile Code Execution Vulnerability:
- 7. JPEG Length Underflow Code Execution Vulnerability:
- 8. Office Open XML TTableRow Double Free Vulnerability:
That was the news, folks. Take it easy.
---Sh7nk-Z0id
01001001 00100000 01000001 01001101 00100000 01011010 01001111 01000100 01001001 01000001 01000011