HTTP: SoftMaker Office PlanMaker PMD Document Records Integer Overflow
This signature detects attempts to exploit a known vulnerability against SoftMaker Office PlanMaker. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the SoftMaker Office.
Extended Description
An exploitable integer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021s PlanMaker application. A specially crafted document can cause the document parser perform arithmetic that may overflow which can result in an undersized heap allocation. Later when copying data from the file into this allocation, a heap-based buffer overflow will occur which can corrupt memory. These types of memory corruptions can allow for code execution under the context of the application. An attacker can entice the victim to open a document to trigger this vulnerability.
Affected Products
Softmaker planmaker_2021
References
CVE: CVE-2020-13579
Short Name
HTTP:STC:DL:SFMK-OFC-PMD-IO
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2020-13579 Document Integer Office Overflow PMD PlanMaker Records SoftMaker
Release Date
03/17/2021
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Softmaker
CVSS Score
6.8