GCVE - cpe:2.3:a:talos:atlantis_word_processor:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:talos:atlantis_word_processor:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Talos (`e7c02545-e938-5775-90a6-6bebb73bfb47`)
Product	Atlantis Word Processor (`521aa96a-e74b-5f99-8105-bd64629feaaf`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2018-4040`	vulnerable	2026-06-03 14:38:50.807582	Details available HIGH (8.8) An exploitable uninitialized pointer vulnerability exists in the rich text format parser of Atlantis Word Processor, version 3.2.7.2. A specially crafted document can cause certain RTF tokens to dereference a pointer that has been uninitialized and then write to it. An attacker must convince a victim to open a specially crafted document in order to trigger this vulnerability. Published: 2018-12-01T20:00:00.000Z Updated: 2024-09-17T00:36:10.536Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2018-0713	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-4039`	vulnerable	2026-06-03 14:38:50.807228	Details available HIGH (8.8) An exploitable out-of-bounds write vulnerability exists in the PNG implementation of Atlantis Word Processor, version 3.2.7.2. This can allow an attacker to corrupt memory, which can result in code execution under the context of the application. An attacker must convince a victim to open a specially crafted document in order to trigger this vulnerability. Published: 2018-12-01T19:00:00.000Z Updated: 2024-09-16T19:19:06.200Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2018-0712	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-4038`	vulnerable	2026-06-03 14:38:50.805747	Details available HIGH (8.8) An exploitable arbitrary write vulnerability exists in the open document format parser of the Atlantis Word Processor, version 3.2.7.2, while trying to null-terminate a string. A specially crafted document can allow an attacker to pass an untrusted value as a length to a constructor. This constructor will miscalculate a length and then use it to calculate the position to write a null byte. This can allow an attacker to corrupt memory, which can result in code execution under the context of the application. An attacker must convince a victim to open a specially crafted document in order to trigger this vulnerability. Published: 2018-12-01T18:00:00.000Z Updated: 2024-09-16T22:09:06.930Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2018-0711	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.