PT-2017-19198 · Apache · Openoffice
Published
2017-11-20
·
Updated
2022-02-07
·
CVE-2017-9806
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
OpenOffice versions prior to 4.1.4
Description
A flaw in the OpenOffice Writer DOC file parser, specifically in the WW8Fonts Constructor, allows attackers to create malicious documents. These documents can cause denial of service, resulting in memory corruption and application crash, and potentially lead to arbitrary code execution.
Recommendations
For versions prior to 4.1.4, update to version 4.1.4 or later to resolve the issue.
Fix
DoS
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Openoffice