Lucene search

Kaspersky LabKLA15719

HistoryJul 22, 2022 - 12:00 a.m.

KLA15719 Multiple vulnerabilities in OpenOffice

2022-07-2200:00:00

Kaspersky Lab

threats.kaspersky.com

openoffice

vulnerabilities

security bypass

denial of service

update

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

9.1

Confidence

High

EPSS

0.001

Percentile

34.1%

JSON

Security vulnerabilities were found in OpenOffice. Malicious users can exploit this vulnerability to bypass security restrictions.

Original advisories

CVE-2022-37401

CVE-2022-37400

Related products

OpenOffice.org

CVE list

CVE-2022-37401 critical

CVE-2022-37400 critical

Solution

Update to the latest version

Download OpenOffice

Impacts

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

Affected Products

OpenOffice earlier than 4.1.13

References

statistics.securelist.com/

threats.kaspersky.com/en/product/OpenOffice.org/

www.openoffice.org/security/cves/CVE-2022-37400.html

www.openoffice.org/security/cves/CVE-2022-37401.html

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

9.1

Confidence

High

EPSS

0.001

Percentile

34.1%

JSON

Related for KLA15719