CVE-2013-0808 is a critical vulnerability that affects the Hanword HWP word processing program. The vulnerability was first discovered in 2013. It occurs due to an integer overflow error in the HWP file format parser, which allows an attacker to execute arbitrary code on a victim's computer by tricking them into opening a specially crafted HWP document. This vulnerability mainly affected South Korean users since Hanword was primarily used in that region.
In February 2013, the vulnerability gained notoriety after a series of targeted attacks against South Korean organizations. The attackers used spear-phishing emails to deliver a weaponized HWP document that exploited CVE-2013-0808. The email contained a story about a person called 'Ewing Kim' who was looking for help. The email's attachments were two different HWP documents, both leveraging the same vulnerability. Once the victim opened the document, malware would be installed on their system, giving the attacker control over the compromised computer.
The discovery of this vulnerability prompted the security community and software vendors to issue patches to fix the flaw. However, it also highlighted the importance of user education and awareness in preventing successful attacks. The use of targeted social engineering tactics and specific vulnerabilities to compromise systems has become increasingly common, emphasizing the need for users to exercise caution when receiving unexpected or suspicious emails.
Description last updated: 2023-06-13T16:58:24.627Z