Vulnerabilities Threats

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

KLA10855
Memory corruption vulnerability in Apache OpenOffice

Updated: 06/03/2020
Detect date
?
 07/21/2016
Severity
?
 High
Description

An unspecified vulnerability was found in Apache OpenOffice Impress. By exploiting this vulnerability malicious users can cause denial of service or execute arbitrary code. This vulnerability can be exploited remotely via a specially designed .ODP and .OTP files.

Technical details

An exploitable out-of-bounds vulnerability occurs while handling MetaActions.

Vulnerability is related to files:

  1. maintoolssourcegenericpoly2.cxx (see lines 217-230);
  2. mainvclsourcegdimetaact.cxx (see line 1189).
Affected products

Apache OpenOffice versions 4.1.2 and earlier
OpenOffice.org versions
Solution

Avoid to use Apache OpenOffice Impress within untrusted files. Install updates as soon as developer will release it. For further instructions take a look at original advisory.
Original advisories

Original Apache advisory
Impacts
?
ACE 
[?]

DoS 
[?]
Related products
 OpenOffice.org
Apache OpenOffice
CVE-IDS
?
CVE-2016-15136.8High
Find out the statistics of the vulnerabilities spreading in your region
© 2023 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy Cookies

Up