Vulnerabilities

3 New Code Execution Vulnerabilities Found in Atlantis Word Processor

0

Multiple critical security vulnerabilities have been found in the Atlantis Word Processor which permits remote attackers to execute arbitrary code and take over victim computers. The flaw was discovered by cybersecurity researchers at Cisco Talos.

Atlantis Word Processor is an alternative to Microsoft Word and is a fast-loading word processor application in which users can create, read and edit word documents easily. It can also be used to convert TXT, RTF, ODT, DOC, WRI, or DOCX documents to ePub.

In the previous versions of Atlantis, 8 code execution vulnerabilities were discovered around 2 months back by the same team and they have disclosed the details and proof-of-concept exploits for 3 more remote code execution vulnerabilities in the application. These flaws allowed attackers to corrupt the application’s memory and execute arbitrary code under the context of the application.

The three vulnerabilities are given below

Incorrect Calculation of Buffer Size (CVE-2018-4038): It is an exploitable arbitrary write vulnerability that exists in the open document format parser of the Word Processor while trying to null-terminate a string.

Improper Validation of Array Index (CVE-2018-4039) : It is an out-of-bounds write vulnerability that resides in the PNG implementation.

Use of Uninitialized Variable (CVE-2018-4040) : It is an exploitable uninitialized pointer vulnerability that resides in the rich text format parser of Atlantis.

These vulnerabilities affect the Atlantis Word Processor versions 3.2.7.1, 3.2.7.2 and this is exploited by persuading the victim into opening a specially crafted malicious booby-trapped document.

Talos researchers have reported these vulnerabilities to the software developers and they have now released an updated version 3.2.10.1 that addresses the issues.

Those users who haven’t updated the software are highly recommended to update to the latest version. The best method to prevent yourself from being a victim of such attacks is by not opening any document provided in an email from unknown or untrusted sources.

Priyanka R
Cyber Security Enthusiast, Security Blogger, Technical Editor, Author at Cyber Safe News

    UK pub chain kept 17,000 customer details exposed online

    Previous article

    Dark Web hosting provider got hacked, 6,500 sites down

    Next article

    You may also like

    Comments

    Leave a reply

    Your email address will not be published. Required fields are marked *