Lucene search
ApacheCVELIST:CVE-2016-6804HistoryNov 18, 2017 - 12:00 a.m.
CVE-2016-6804
2017-11-1800:00:00
apache
www.cve.org
1
0.002 Low
EPSS
Percentile
57.6%
The Apache OpenOffice installer (versions prior to 4.1.3, including some branded as OpenOffice.org) for Windows contains a defective operation that allows execution of arbitrary code with elevated privileges. This requires that the location in which the installer is run has been previously poisoned by a file that impersonates a dynamic-link library that the installer depends upon.
CNA Affected
[
{
"product": "Apache OpenOffice",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "4.0.0 to 4.1.2"
},
{
"status": "affected",
"version": "older releases are also affected, including some branded as OpenOffice.org"
}
]
}
]Related
cve
cve
CVE-2016-6804
2017-11-20 15:29:00
zdt
zdt
Apache OpenOffice 4.1.2 Privilege Escalation Vulnerability
2016-10-27 00:00:00
nvd
nvd
CVE-2016-6804
2017-11-20 15:29:00
prion
prion
Design/Logic Flaw
2017-11-20 15:29:00
openvas
openvas
Apache OpenOffice 'Unquoted Search Path' and RCE Vulnerabilities
2017-11-22 00:00:00
nessus
nessus
Apache OpenOffice < 4.1.3 Multiple Vulnerabilities
2016-10-21 00:00:00