PT-2018-2470 · Document Foundation · LibreOffice

Published: 2018-04-15 · Updated: 2024-06-15 · CVE-2018-10120

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

LibreOffice versions prior to 5.4.6.1
LibreOffice versions 6.x prior to 6.0.2.1

Description

The issue is related to a buffer overflow in the SwCTBWrapper::Read function of the LibreOffice package. This can be exploited by a remote attacker using a specially crafted file, potentially leading to a denial of service or other unspecified impacts. The vulnerability is caused by the lack of validation of a customizations index in the SwCTBWrapper::Read function.

Recommendations

For LibreOffice versions prior to 5.4.6.1, update to version 5.4.6.1 or later.
For LibreOffice versions 6.x prior to 6.0.2.1, update to version 6.0.2.1 or later.
As a temporary workaround, consider avoiding the use of the SwCTBWrapper::Read function until a patch is available.

Exploit

Fix

DoS

Improper Validation of Array Index

Memory Corruption


Related Identifiers

ALT-PU-2018-1864
BDU:2019-00713
CVE-2018-10120
DLA-1356-1
DSA-4178-1
MGASA-2018-0271
OPENSUSE-SU-2018_1311-1
OPENSUSE-SU-2024:10983-1
RHSA-2018:3054
RHSA-2018_3054
SUSE-SU-2018:1296-1
USN-3883-1

Affected Products

Alt Linux
Astra Linux
LibreOffice
Red Hat
SUSE
Ubuntu