Wps: >> Wps Office >> 10.1.0.7106 Security Vulnerabilities
wpsupdater.exe in Kingsoft WPS Office through 11.2.0.10382 allows remote code execution by modifying HKEY_CURRENT_USER in the registry.
CVSS Score
9.8
EPSS Score
0.258
Published
2022-03-23
The WStr::assign function in kso.dll in Kingsoft WPS Office 10.1.0.7106 and 10.2.0.5978 does not validate the size of the source memory block before an _copy call, which allows remote attackers to cause a denial of service (access violation and application crash) via a crafted (a) web page, (b) office document, or (c) .rtf file.
CVSS Score
6.5
EPSS Score
0.004
Published
2018-01-29