CVE-2018-6390 : What You Need to Know

Learn about CVE-2018-6390 affecting Kingsoft WPS Office versions 10.1.0.7106 and 10.2.0.5978. Understand the denial of service vulnerability and how to mitigate the risk.

Kingsoft WPS Office versions 10.1.0.7106 and 10.2.0.5978 are vulnerable to a denial of service attack due to a flaw in the WStr::assign function in the kso.dll file.

Understanding CVE-2018-6390

This CVE identifies a vulnerability in Kingsoft WPS Office versions 10.1.0.7106 and 10.2.0.5978 that can be exploited by remote attackers to cause a denial of service.

What is CVE-2018-6390?

The vulnerability in the WStr::assign function in the kso.dll file allows attackers to trigger an access violation and application crash by providing a specially crafted web page, office document, or .rtf file.

The Impact of CVE-2018-6390

The vulnerability can lead to a denial of service, causing the application to crash, potentially disrupting user productivity and workflow.

Technical Details of CVE-2018-6390

Kingsoft WPS Office versions 10.1.0.7106 and 10.2.0.5978 are affected by this vulnerability.

Vulnerability Description

The WStr::assign function in kso.dll does not properly validate the size of the source memory block before calling the _copy function. A crafted input can therefore trigger an access violation that crashes the application.
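The bug class described above, shown as an added C illustration that is not Kingsoft's code: an assign routine that trusts a caller-supplied length, next to one that validates it against the real size of the source block before copying. The wstr type, both function names and the sample input are hypothetical; the page names only WStr::assign and _copy.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <wchar.h>

/* Hypothetical wide-string type for illustration; not the kso.dll layout. */
typedef struct { wchar_t *data; size_t len; } wstr;

/* Unchecked form: trusts n, which may originate from the parsed file.
 * If n exceeds the real size of src, memcpy reads past the source block. */
int wstr_assign_unchecked(wstr *dst, const wchar_t *src, size_t n) {
    wchar_t *buf = malloc((n + 1) * sizeof *buf);
    if (!buf) return -1;
    memcpy(buf, src, n * sizeof *buf);      /* out-of-bounds read if n is too large */
    buf[n] = L'\0';
    free(dst->data);
    dst->data = buf;
    dst->len = n;
    return 0;
}

/* Checked form: the caller states how many elements src really holds
 * (src_cap), and the claimed length is validated before any copy. */
int wstr_assign_checked(wstr *dst, const wchar_t *src, size_t src_cap, size_t n) {
    if (!dst || (!src && n != 0)) return -1;
    if (n > src_cap) return -1;                      /* longer than the source block */
    if (n >= SIZE_MAX / sizeof(wchar_t)) return -1;  /* allocation size would overflow */
    wchar_t *buf = malloc((n + 1) * sizeof *buf);
    if (!buf) return -1;
    if (n) memcpy(buf, src, n * sizeof *buf);
    buf[n] = L'\0';
    free(dst->data);
    dst->data = buf;
    dst->len = n;
    return 0;
}

int main(void) {
    const wchar_t src[4] = { L'a', L'b', L'c', L'd' };  /* constructed input */
    wstr s = { NULL, 0 };
    int bad = wstr_assign_checked(&s, src, 4, 4096);    /* claimed length too large */
    int ok  = wstr_assign_checked(&s, src, 4, 3);       /* within the source block */
    free(s.data);
    return (bad == -1 && ok == 0) ? 0 : 1;
}
```

The checked form rejects the oversized length before allocating or copying, so the destination string is left unchanged when the input is malformed.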

Affected Systems and Versions

        Kingsoft WPS Office 10.1.0.7106
        Kingsoft WPS Office 10.2.0.5978

Exploitation Mechanism

Attackers can exploit this vulnerability by providing a crafted web page, office document, or .rtf file, triggering an access violation and causing the application to crash.

Mitigation and Prevention

It is crucial to take immediate steps to address and prevent the exploitation of CVE-2018-6390.

Immediate Steps to Take

        Apply security patches or updates provided by Kingsoft for the affected versions.
        Avoid opening suspicious or untrusted web pages, office documents, or .rtf files.

Long-Term Security Practices

        Regularly update and patch software to mitigate known vulnerabilities.
        Implement network security measures to detect and block malicious activities.

Patching and Updates

        Stay informed about security advisories and updates from Kingsoft regarding CVE-2018-6390.
