How severe is CVE-2020-13544?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.8 out of 10.

What type of vulnerability is CVE-2020-13544?

This is classified as CWE-194, which is a common weakness in software security.

CVE-2020-13544 - HIGH Severity | CVSS 8.8

Vulnerability Description

An exploitable sign extension vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021’s TextMaker application. A specially crafted document can cause the document parser to sign-extend a length used to terminate a loop, which can later result in the loop’s index being used to write outside the bounds of a heap buffer during the reading of file data. An attacker can entice the victim to open a document to trigger this vulnerability.

Related Vulnerabilities

CVE-2022-32138

HIGH

CVSS:8.8(High)

In multiple CODESYS products, a remote attacker may craft a request which may cause an unexpected sign extension, resulting in a denial-of-service condition or memory overwrite.

CWE-1942022

CVE-2018-10887

HIGH

CVSS:8.1(High)

A flaw was found in libgit2 before version 0.27.3. It has been discovered that an unexpected sign extension in git_delta_apply function in delta.c file may lead to an integer overflow which in turn le...

CWE-1942018

CVE-2021-38434

HIGH

CVSS:7.8(High)

FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in an unexpected sign extension. An attacker could le...

CWE-1942021

CVE-2022-32138

HIGH

CVSS:8.8(High)

In multiple CODESYS products, a remote attacker may craft a request which may cause an unexpected sign extension, resulting in a denial-of-service condition or memory overwrite.

CWE-1942022

CVE-2018-10887

HIGH

CVSS:8.1(High)

CWE-1942018

CVE-2021-38434

HIGH

CVSS:7.8(High)

CWE-1942021