Skip to content

CVE-2014-3950: A Document Encryption Vulnerability Disclosure


Nice one!!
Congratulations on CVE 2014 3950!

The Krypt

This is my first relatively major vulnerability discovery that I’ve been sitting on for two months, and almost forgot about until now. It was purely by chance, when I decided to look at an ‘encrypted’ document in a hex editor (for no good reason). I had set the encryption and a password was required to open the file in Kingsoft Writer, but I found a line of the plaintext was still readable. Here’s a screenshot of the hex dump:


Unsure of whether the encryption failed to work completely, I ran the same test again, this time with a larger file and using ‘Microsoft Enhanced RSA and AES Cryptographic Provider’:


In the hex dump for this, portions of the plaintext were visible again, and most of it encrypted.
After further experimentation and mapping out the document’s file structure, I discovered that Kingsoft Writer doesn’t encrypt the file, but instead a…

View original post 382 more words


From → Uncategorized

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: