Vendor CVEs
Kingsoft
All CVEs
30 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-6400 | Hig | 0.51 | 7.8 | 0.00 | Mar 12, 2018 | Kingsoft WPS Office Free 10.2.0.5978 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of \\.\pipe\WPSCloudSvr\WpsCloudSvr -- an "insecurely created named pipe." Ensures full access to Everyone users group. | ||
| CVE-2018-6390 | Med | 0.42 | 6.5 | 0.01 | Jan 29, 2018 | The WStr::assign function in kso.dll in Kingsoft WPS Office 10.1.0.7106 and 10.2.0.5978 does not validate the size of the source memory block before an _copy call, which allows remote attackers to cause a denial of service (access violation and application crash) via a crafted… | ||
| CVE-2018-7546 | Med | 0.36 | 5.5 | 0.01 | Jul 18, 2018 | wpsmain.dll in Kingsoft WPS Office 2016 and Jinshan PDF 10.1.0.6621 allows remote attackers to cause a denial of service via a crafted pdf file. | ||
| CVE-2018-9151 | Med | 0.36 | 5.5 | 0.00 | Mar 30, 2018 | A NULL pointer dereference bug in the function ObReferenceObjectByHandle in the Kingsoft Internet Security 9+ kernel driver KWatch3.sys allows local non-privileged users to crash the system via IOCTL 0x80030030. | ||
| CVE-2018-6217 | Med | 0.36 | 5.5 | 0.01 | Jan 25, 2018 | The WStr::_alloc_iostr_data() function in kso.dll in Kingsoft WPS Office 10.1.0.7106 and 10.2.0.5978 allows remote attackers to cause a denial of service (application crash) via a crafted (a) web page, (b) office document, or (c) .rtf file. | ||
| CVE-2017-17967 | Med | 0.36 | 5.5 | 0.01 | Dec 28, 2017 | pptreader.dll in Kingsoft WPS Office 10.1.0.6930 allows remote attackers to cause a denial of service via a crafted PPT file, aka CNVD-2017-35482. | ||
| CVE-2010-5164 | Med | 0.34 | 5.3 | 0.00 | Aug 25, 2012 | Race condition in KingSoft Personal Firewall 9 Plus 2009.05.07.70 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain… | ||
| CVE-2024-7262 | 0.13 | — | 0.02 | KEV | Aug 15, 2024 | Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.16412 (exclusive) on Windows allows an attacker to load an arbitrary Windows library. The vulnerability was found weaponized as a single-click exploit in the… | ||
| CVE-2012-4886 | 0.04 | — | 0.15 | Mar 24, 2014 | Stack-based buffer overflow in wpsio.dll in Kingsoft WPS Office 2012 possibly 8.1.0.3238 allows remote attackers to execute arbitrary code via a long BSTR string. | |||
| CVE-2013-3934 | 0.04 | — | 0.10 | Sep 10, 2013 | Stack-based buffer overflow in Kingsoft Writer 2012 8.1.0.3030, as used in Kingsoft Office 2013 before 9.1.0.4256, allows remote attackers to execute arbitrary code via a long font name in a WPS file. | |||
| CVE-2008-1307 | 0.04 | — | 0.15 | Mar 12, 2008 | Heap-based buffer overflow in the KUpdateObj2 Class ActiveX control in UpdateOcx2.dll in Beijing KingSoft Antivirus Online Update Module 2007.12.29.29 allows remote attackers to execute arbitrary code via a long argument to the SetUninstallName method. | |||
| CVE-2022-24934 | 0.03 | — | 0.20 | Mar 23, 2022 | wpsupdater.exe in Kingsoft WPS Office through 11.2.0.10382 allows remote code execution by modifying HKEY_CURRENT_USER in the registry. | |||
| CVE-2011-0515 | 0.03 | — | 0.01 | Jan 20, 2011 | KisKrnl.sys 2011.1.13.89 and earlier in Kingsoft AntiVirus 2011 SP5.2 allows local users to cause a denial of service (crash) via a crafted request that is not properly handled by the KiFastCallEntry hook. | |||
| CVE-2010-3396 | 0.03 | — | 0.01 | Sep 15, 2010 | Buffer overflow in kavfm.sys in Kingsoft Antivirus 2010.04.26.648 and earlier allows local users to execute arbitrary code via a long argument to IOCTL 0x80030004. NOTE: some of these details are obtained from third party information. | |||
| CVE-2010-2031 | 0.03 | — | 0.01 | May 24, 2010 | KAVSafe.sys 2010.4.14.609 and earlier, as used in Kingsoft Webshield 3.5.1.2 and earlier, allows local users to overwrite arbitrary kernel memory via a crafted request to IOCTL 0x830020d4 on the KAVSafe device. | |||
| CVE-2024-7263 | 0.00 | — | 0.00 | Aug 15, 2024 | Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.17115 (exclusive) on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.1.0.17119 to mitigate CVE-2024-7262 was… | |||
| CVE-2023-32548 | 0.00 | — | 0.01 | Jun 13, 2023 | OS command injection vulnerability exists in WPS Office version 10.8.0.6186. If a remote attacker who can conduct a man-in-the-middle attack connects the product to a malicious server and sends a specially crafted data, an arbitrary OS command may be executed on the system where… | |||
| CVE-2022-26511 | 0.00 | — | 0.01 | Mar 17, 2022 | WPS Presentation 11.8.0.5745 insecurely load d3dx9_41.dll when opening .pps files('current directory type' DLL loading). | |||
| CVE-2022-26081 | 0.00 | — | 0.01 | Mar 17, 2022 | The installer of WPS Office Version 10.8.0.5745 insecurely load shcore.dll, allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer. | |||
| CVE-2022-25969 | 0.00 | — | 0.01 | Mar 17, 2022 | The installer of WPS Office Version 10.8.0.6186 insecurely load VERSION.DLL (or some other DLLs), allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer. | |||
| CVE-2022-25949 | 0.00 | — | 0.01 | Mar 17, 2022 | The kernel mode driver kwatch3 of KINGSOFT Internet Security 9 Plus Version 2010.06.23.247 fails to properly handle crafted inputs, leading to stack-based buffer overflow. | |||
| CVE-2020-25291 | 0.00 | — | 0.02 | Sep 13, 2020 | GdiDrawHoriLineIAlt in Kingsoft WPS Office before 11.2.0.9403 allows remote heap corruption via a crafted PLTE chunk in PNG data within a Word document. This is related to QBrush::setMatrix in gui/painting/qbrush.cpp in Qt 4.x. | |||
| CVE-2014-2271 | 0.00 | — | 0.02 | Jan 14, 2020 | cn.wps.moffice.common.beans.print.CloudPrintWebView in Kingsoft Office 5.3.1, as used in Huawei P2 devices before V100R001C00B043, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and… | |||
| CVE-2014-6692 | 0.00 | — | 0.00 | Sep 23, 2014 | The Kingsoft Clip (Office Tool) (aka cn.wps.clip) application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||
| CVE-2013-5999 | 0.00 | — | 0.01 | Nov 22, 2013 | Kingsoft KDrive Personal before 1.21.0.1880 on Windows does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||
| CVE-2013-0723 | 0.00 | — | 0.04 | Jul 29, 2013 | Multiple heap-based buffer overflows in etxrw.dll in Kingsoft Spreadsheets 2012 8.1.0.3030 allow remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a crafted spreadsheet file. | |||
| CVE-2013-0710 | 0.00 | — | 0.04 | Mar 5, 2013 | Buffer overflow in Kingsoft Writer 2007 and 2010 before 2724 allows remote attackers to execute arbitrary code via a crafted RTF document. | |||
| CVE-2010-5208 | 0.00 | — | 0.00 | Sep 6, 2012 | Multiple untrusted search path vulnerabilities in the (1) Presentation, (2) Writer, and (3) Spreadsheets components in Kingsoft Office 2010 6.6.0.2477 allow local users to gain privileges via a Trojan horse plgpf.dll file in the current working directory, as demonstrated by a… | |||
| CVE-2012-0321 | 0.00 | — | 0.00 | Mar 2, 2012 | Unspecified vulnerability in the device driver in Kingsoft Internet Security 2011 allows local users to cause a denial of service via a crafted application. | |||
| CVE-2004-1494 | 0.00 | — | 0.04 | Dec 31, 2004 | Buffer overflow in the Screen Fetch option in XDICT 2002 through 2005 allows remote attackers to cause a denial of service ( CPU consumption or application exit) and possibly execute arbitrary code via a long string. |
- risk 0.51cvss 7.8epss 0.00
Kingsoft WPS Office Free 10.2.0.5978 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of \\.\pipe\WPSCloudSvr\WpsCloudSvr -- an "insecurely created named pipe." Ensures full access to Everyone users group.
- risk 0.42cvss 6.5epss 0.01
The WStr::assign function in kso.dll in Kingsoft WPS Office 10.1.0.7106 and 10.2.0.5978 does not validate the size of the source memory block before an _copy call, which allows remote attackers to cause a denial of service (access violation and application crash) via a crafted…
- risk 0.36cvss 5.5epss 0.01
wpsmain.dll in Kingsoft WPS Office 2016 and Jinshan PDF 10.1.0.6621 allows remote attackers to cause a denial of service via a crafted pdf file.
- risk 0.36cvss 5.5epss 0.00
A NULL pointer dereference bug in the function ObReferenceObjectByHandle in the Kingsoft Internet Security 9+ kernel driver KWatch3.sys allows local non-privileged users to crash the system via IOCTL 0x80030030.
- risk 0.36cvss 5.5epss 0.01
The WStr::_alloc_iostr_data() function in kso.dll in Kingsoft WPS Office 10.1.0.7106 and 10.2.0.5978 allows remote attackers to cause a denial of service (application crash) via a crafted (a) web page, (b) office document, or (c) .rtf file.
- risk 0.36cvss 5.5epss 0.01
pptreader.dll in Kingsoft WPS Office 10.1.0.6930 allows remote attackers to cause a denial of service via a crafted PPT file, aka CNVD-2017-35482.
- risk 0.34cvss 5.3epss 0.00
Race condition in KingSoft Personal Firewall 9 Plus 2009.05.07.70 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain…
- risk 0.13cvss —epss 0.02
Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.16412 (exclusive) on Windows allows an attacker to load an arbitrary Windows library. The vulnerability was found weaponized as a single-click exploit in the…
- CVE-2012-4886Mar 24, 2014risk 0.04cvss —epss 0.15
Stack-based buffer overflow in wpsio.dll in Kingsoft WPS Office 2012 possibly 8.1.0.3238 allows remote attackers to execute arbitrary code via a long BSTR string.
- CVE-2013-3934Sep 10, 2013risk 0.04cvss —epss 0.10
Stack-based buffer overflow in Kingsoft Writer 2012 8.1.0.3030, as used in Kingsoft Office 2013 before 9.1.0.4256, allows remote attackers to execute arbitrary code via a long font name in a WPS file.
- CVE-2008-1307Mar 12, 2008risk 0.04cvss —epss 0.15
Heap-based buffer overflow in the KUpdateObj2 Class ActiveX control in UpdateOcx2.dll in Beijing KingSoft Antivirus Online Update Module 2007.12.29.29 allows remote attackers to execute arbitrary code via a long argument to the SetUninstallName method.
- CVE-2022-24934Mar 23, 2022risk 0.03cvss —epss 0.20
wpsupdater.exe in Kingsoft WPS Office through 11.2.0.10382 allows remote code execution by modifying HKEY_CURRENT_USER in the registry.
- CVE-2011-0515Jan 20, 2011risk 0.03cvss —epss 0.01
KisKrnl.sys 2011.1.13.89 and earlier in Kingsoft AntiVirus 2011 SP5.2 allows local users to cause a denial of service (crash) via a crafted request that is not properly handled by the KiFastCallEntry hook.
- CVE-2010-3396Sep 15, 2010risk 0.03cvss —epss 0.01
Buffer overflow in kavfm.sys in Kingsoft Antivirus 2010.04.26.648 and earlier allows local users to execute arbitrary code via a long argument to IOCTL 0x80030004. NOTE: some of these details are obtained from third party information.
- CVE-2010-2031May 24, 2010risk 0.03cvss —epss 0.01
KAVSafe.sys 2010.4.14.609 and earlier, as used in Kingsoft Webshield 3.5.1.2 and earlier, allows local users to overwrite arbitrary kernel memory via a crafted request to IOCTL 0x830020d4 on the KAVSafe device.
- CVE-2024-7263Aug 15, 2024risk 0.00cvss —epss 0.00
Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.17115 (exclusive) on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.1.0.17119 to mitigate CVE-2024-7262 was…
- CVE-2023-32548Jun 13, 2023risk 0.00cvss —epss 0.01
OS command injection vulnerability exists in WPS Office version 10.8.0.6186. If a remote attacker who can conduct a man-in-the-middle attack connects the product to a malicious server and sends a specially crafted data, an arbitrary OS command may be executed on the system where…
- CVE-2022-26511Mar 17, 2022risk 0.00cvss —epss 0.01
WPS Presentation 11.8.0.5745 insecurely load d3dx9_41.dll when opening .pps files('current directory type' DLL loading).
- CVE-2022-26081Mar 17, 2022risk 0.00cvss —epss 0.01
The installer of WPS Office Version 10.8.0.5745 insecurely load shcore.dll, allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer.
- CVE-2022-25969Mar 17, 2022risk 0.00cvss —epss 0.01
The installer of WPS Office Version 10.8.0.6186 insecurely load VERSION.DLL (or some other DLLs), allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer.
- CVE-2022-25949Mar 17, 2022risk 0.00cvss —epss 0.01
The kernel mode driver kwatch3 of KINGSOFT Internet Security 9 Plus Version 2010.06.23.247 fails to properly handle crafted inputs, leading to stack-based buffer overflow.
- CVE-2020-25291Sep 13, 2020risk 0.00cvss —epss 0.02
GdiDrawHoriLineIAlt in Kingsoft WPS Office before 11.2.0.9403 allows remote heap corruption via a crafted PLTE chunk in PNG data within a Word document. This is related to QBrush::setMatrix in gui/painting/qbrush.cpp in Qt 4.x.
- CVE-2014-2271Jan 14, 2020risk 0.00cvss —epss 0.02
cn.wps.moffice.common.beans.print.CloudPrintWebView in Kingsoft Office 5.3.1, as used in Huawei P2 devices before V100R001C00B043, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and…
- CVE-2014-6692Sep 23, 2014risk 0.00cvss —epss 0.00
The Kingsoft Clip (Office Tool) (aka cn.wps.clip) application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
- CVE-2013-5999Nov 22, 2013risk 0.00cvss —epss 0.01
Kingsoft KDrive Personal before 1.21.0.1880 on Windows does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
- CVE-2013-0723Jul 29, 2013risk 0.00cvss —epss 0.04
Multiple heap-based buffer overflows in etxrw.dll in Kingsoft Spreadsheets 2012 8.1.0.3030 allow remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a crafted spreadsheet file.
- CVE-2013-0710Mar 5, 2013risk 0.00cvss —epss 0.04
Buffer overflow in Kingsoft Writer 2007 and 2010 before 2724 allows remote attackers to execute arbitrary code via a crafted RTF document.
- CVE-2010-5208Sep 6, 2012risk 0.00cvss —epss 0.00
Multiple untrusted search path vulnerabilities in the (1) Presentation, (2) Writer, and (3) Spreadsheets components in Kingsoft Office 2010 6.6.0.2477 allow local users to gain privileges via a Trojan horse plgpf.dll file in the current working directory, as demonstrated by a…
- CVE-2012-0321Mar 2, 2012risk 0.00cvss —epss 0.00
Unspecified vulnerability in the device driver in Kingsoft Internet Security 2011 allows local users to cause a denial of service via a crafted application.
- CVE-2004-1494Dec 31, 2004risk 0.00cvss —epss 0.04
Buffer overflow in the Screen Fetch option in XDICT 2002 through 2005 allows remote attackers to cause a denial of service ( CPU consumption or application exit) and possibly execute arbitrary code via a long string.