Format string

2018-04-1609:58:00

PRIOn knowledge base

www.prio-n.com

8 High

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.6%

JSON

sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted document that uses the structured storage ole2 wrapper file format.

CPENameOperatorVersion
ubuntu_linuxeq16.04
ubuntu_linuxeq14.04
debian_linuxeq8.0
debian_linuxeq7.0
debian_linuxeq9.0
libreofficege6.0.0
libreofficelt6.0.1.1
libreofficelt5.4.5.1
enterprise_linux_desktopeq7.0
enterprise_linux_servereq7.0

Name	Operator	Version
ubuntu_linux	eq	16.04
ubuntu_linux	eq	14.04
debian_linux	eq	8.0
debian_linux	eq	7.0
debian_linux	eq	9.0
libreoffice	ge	6.0.0
libreoffice	lt	6.0.1.1
libreoffice	lt	5.4.5.1
enterprise_linux_desktop	eq	7.0
enterprise_linux_server	eq	7.0