Unrated severityNVD Advisory· Published May 15, 2015· Updated May 6, 2026

CVE-2015-2810

Description

Integer overflow in the HwpApp::CHncSDS_Manager function in Hancom Office HanWord processor, as used in Hwp 2014 VP before 9.1.0.2342, HanWord Viewer 2007 and Viewer 2010 8.5.6.1158, and HwpViewer 2014 VP 9.1.0.2186, allows remote attackers to cause a denial of service (crash) and possibly "influence the program's execution flow" via a document with a large paragraph size, which triggers heap corruption.

Affected products

Hancom/Hanword Viewer 2007
cpe:2.3:a:hancom:hanword_viewer_2007:*:*:*:*:*:*:*:*
Hancom/Hanword Viewer 2010
cpe:2.3:a:hancom:hanword_viewer_2010:8.5.6.1158:*:*:*:*:*:*:*
Hancom/Hwp 2014
cpe:2.3:a:hancom:hwp_2014:*:*:*:*:*:*:*:*
Range: <=9.1.0.2342
Hancom/Hwpviewer 2014
cpe:2.3:a:hancom:hwpviewer_2014:9.1.0.2186:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000