CVE-2021-33035

Name of the Vulnerable Software and Affected Versions Apache OpenOffice versions up to and including 4.1.10

Description The issue is related to the processing of DBF files in Apache OpenOffice. When reading DBF data, the size of certain fields is not checked, and the data is copied into local variables. A carefully crafted document could overflow the allocated space, leading to the execution of arbitrary code by altering the contents of the program stack. This allows a remote attacker to execute arbitrary code.

Recommendations For Apache OpenOffice versions up to and including 4.1.10, update to version 4.1.11 or later, which includes the patch for this issue. As a temporary workaround, consider avoiding the use of DBF files in Apache OpenOffice until the issue is resolved. Restrict access to the DBF file handling functionality to minimize the risk of exploitation.