First published: Mon Nov 27 2023(Updated: )
An uninitialized pointer use vulnerability exists in the functionality of WPS Office 11.2.0.11537 that handles Data elements in an Excel file. A specially crafted malformed file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability.
Credit: talos-cna@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Kingsoft Wps Office | =11.2.0.11537 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2023-31275.
WPS Office 11.2.0.11537 is affected by this vulnerability.
The severity of CVE-2023-31275 is high with a CVSS score of 8.8.
This vulnerability occurs due to an uninitialized pointer use in the handling of Data elements in an Excel file.
A specially crafted malicious file can lead to remote code execution.