PT-2017-19198 · Apache · Openoffice
Publicado
2017-11-20
·
Atualizado
2022-02-07
·
CVE-2017-9806
CVSS v3.1
7.8
Alta
| Vetor | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
OpenOffice versions prior to 4.1.4
Description
A flaw in the OpenOffice Writer DOC file parser, specifically in the WW8Fonts Constructor, allows attackers to create malicious documents. These documents can cause denial of service, resulting in memory corruption and application crash, and potentially lead to arbitrary code execution.
Recommendations
For versions prior to 4.1.4, update to version 4.1.4 or later to resolve the issue.
Correção
DoS
Memory Corruption
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Openoffice