{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-02T22:32:29.410","vulnerabilities":[{"cve":{"id":"CVE-2018-3998","sourceIdentifier":"talos-cna@cisco.com","published":"2018-10-01T20:29:01.170","lastModified":"2024-11-21T04:06:27.960","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An exploitable heap-based buffer overflow vulnerability exists in the Windows enhanced metafile parser of Atlantis Word Processor, version 3.2.5.0. A specially crafted image embedded within a document can cause an undersized allocation, resulting in an overflow when the application tries to copy data into it. An attacker must convince a victim to open a document in order to trigger this vulnerability."},{"lang":"es","value":"Existe una vulnerabilidad explotable de desbordamiento de búfer basado en memoria dinámica (heap) en el analizador de meta archivos mejorado de Windows de Atlantis Word Processor 3.2.5.0. Una imagen especialmente manipulada embebida en un documento puede provocar una asignación con menor tamaño, lo que resulta en un desbordamiento cuando la aplicación intenta copiar datos en él. Un atacante debe convencer a una víctima para que abra un documento para provocar esta vulnerabilidad."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV30":[{"source":"talos-cna@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:atlantiswordprocessor:atlantis_word_processor:3.2.5.0:*:*:*:*:*:*:*","matchCriteriaId":"E7E316BD-505F-49E0-9F20-C8B4B2748C2B"}]}]}],"references":[{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2018-0666","source":"talos-cna@cisco.com","tags":["Exploit","Technical Description","Third Party Advisory"]},{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2018-0666","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Technical Description","Third Party Advisory"]}]}}]}