PT-2017-9018 · Apache · Apache Openoffice+1

Published

2017-11-13

Updated

2017-11-29

CVE-2016-6803

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Apache OpenOffice versions prior to 4.1.3

Description The issue is related to an "unquoted Windows search path vulnerability" in the installer for Windows. This vulnerability can be exploited if the system has previously been infected with a Trojan Horse application or if a user is running with administrative privileges. The vulnerability acts as a delayed trigger for the exploit when an installer with the unquoted search path vulnerability is present.

Recommendations For versions prior to 4.1.3, update to version 4.1.3 or later to resolve the issue.

Fix

Untrusted Search Path

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-426

Related Identifiers

CVE-2016-6803

Affected Products

Apache Openoffice

Openoffice

PT-2017-9018 · Apache · Apache Openoffice+1

CVE-2016-6803

Weakness Enumeration

Related Identifiers

Affected Products

References · 5