CVE-2013-0808

Vulnerability Profile Updated a month ago
Download STIX
Preview STIX
CVE-2013-0808 is a critical vulnerability that affects the Hanword HWP word processing program. The vulnerability was first discovered in 2013. It occurs due to an integer overflow error in the HWP file format parser, which allows an attacker to execute arbitrary code on a victim's computer by tricking them into opening a specially crafted HWP document. This vulnerability mainly affected South Korean users since Hanword was primarily used in that region. In February 2013, the vulnerability gained notoriety after a series of targeted attacks against South Korean organizations. The attackers used spear-phishing emails to deliver a weaponized HWP document that exploited CVE-2013-0808. The email contained a story about a person called 'Ewing Kim' who was looking for help. The email's attachments were two different HWP documents, both leveraging the same vulnerability. Once the victim opened the document, malware would be installed on their system, giving the attacker control over the compromised computer. The discovery of this vulnerability prompted the security community and software vendors to issue patches to fix the flaw. However, it also highlighted the importance of user education and awareness in preventing successful attacks. The use of targeted social engineering tactics and specific vulnerabilities to compromise systems has become increasingly common, emphasizing the need for users to exercise caution when receiving unexpected or suspicious emails.
What's your take? (Question 1 of 0)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Vulnerability
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the CVE-2013-0808 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
MITRE
a year ago
Korea In The Crosshairs