KLA12404
Multiple vulnerabilities in OpenOffice

Updated: 12/29/2021
Detect date
?
10/06/2021
Severity
?
High
Description

Multiple vulnerabilities were found in OpenOffice. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, bypass security restrictions, cause denial of service.

Below is a complete list of vulnerabilities:

  1. Buffer overflow vulnerability can be exploited via special crafted DBF file to execute arbitrary code.
  2. Elevation of privilege vulnerability can be exploited via special crafted file to gain privileges.
  3. Security bypass vulnerability can be exploited to bypass security restrictions and gain privileges.
  4. Denial of service vulnerability can be exploited via special crafted XML files to cause denial of service.
Affected products

OpenOffice earlier than 4.1.11

Solution

Update to the latest version
Download OpenOffice

Original advisories

CVE-2021-28129
CVE-2021-40439
CVE-2021-33035
CVE-2021-41830
CVE-2021-41831
CVE-2021-41832

Impacts
?
ACE 
[?]

DoS 
[?]

SB 
[?]

PE 
[?]
Related products
OpenOffice.org
CVE-IDS
?
CVE-2021-330356.8High
CVE-2021-418325.0Critical
CVE-2021-281294.6Warning
CVE-2021-418315.0Critical
CVE-2021-404394.3Warning
CVE-2021-418305.0Critical
Find out the statistics of the vulnerabilities spreading in your region