PT-2018-2472 · Document Foundation+4 · Libreoffice+4

Published

2018-02-22

Updated

2024-06-15

CVE-2018-10119

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions LibreOffice versions prior to 5.4.5.1 LibreOffice versions 6.x prior to 6.0.1.1

Description The issue is related to the use of an incorrect integer data type in the StgSmallStrm class, which can lead to a denial of service or possibly other impacts via a crafted document using the structured storage ole2 wrapper file format. This is also associated with a use-after-free vulnerability in the SwCTBWrapper::Read function, allowing remote attackers to cause a denial of service with a specially formed file.

Recommendations For LibreOffice versions prior to 5.4.5.1, update to version 5.4.5.1 or later. For LibreOffice versions 6.x prior to 6.0.1.1, update to version 6.0.1.1 or later.

Exploit

Fix

DoS

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALT-PU-2018-1273

BDU:2019-00715

CVE-2018-10119

DLA-1356-1

DSA-4178-1

MGASA-2018-0271

OPENSUSE-SU-2018_1311-1

OPENSUSE-SU-2024:10983-1

RHSA-2018:3054

RHSA-2018_3054

SUSE-SU-2018:1296-1

SUSE-SU-2018_1296-1

USN-3883-1

Affected Products

Alt Linux

Libreoffice

Red Hat

Suse

Ubuntu

PT-2018-2472 · Document Foundation+4 · Libreoffice+4

CVE-2018-10119

Weakness Enumeration

Related Identifiers

Affected Products

References · 101