Heap overflow

2018-04-1609:58:00

PRIOn knowledge base

www.prio-n.com

8.1 High

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.3%

JSON

The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service (heap-based buffer overflow with write access) or possibly have unspecified other impact via a crafted document that contains a certain Microsoft Word record.

CPENameOperatorVersion
ubuntu_linuxeq16.04
ubuntu_linuxeq14.04
debian_linuxeq8.0
debian_linuxeq7.0
debian_linuxeq9.0
libreofficege6.0.0
libreofficelt6.0.2.1
libreofficelt5.4.6.1
enterprise_linux_desktopeq7.0
enterprise_linux_servereq7.0

Name	Operator	Version
ubuntu_linux	eq	16.04
ubuntu_linux	eq	14.04
debian_linux	eq	8.0
debian_linux	eq	7.0
debian_linux	eq	9.0
libreoffice	ge	6.0.0
libreoffice	lt	6.0.2.1
libreoffice	lt	5.4.6.1
enterprise_linux_desktop	eq	7.0
enterprise_linux_server	eq	7.0