KLA11148
Multiple vulnerabilities in Apache OpenOffice

Обновлено: 03/06/2020

Дата обнаружения	20/11/2017
Уровень угрозы	High
Описание	Multiple serious vulnerabilities have been found in Apache OpenOffice. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensetive information. Below is a complete list of vulnerabilities: An unspecified vulnerability in embedded object rendering process can be exploited remotely via crafted file to obtain sensetive information; An Out-of-Bounds write vulnerability in OpenOffice Writer DOC file parcer and specifically in the WW8Fonts Constructor can be exploited remotely via crafted file to cause arbitrary code potentially resulting in arbitrary code execution.
Пораженные продукты	Apache OpenOffice earlier than 4.1.4
Решение	Update to latest version Apache OpenOffice download page
Первичный источник обнаружения	CVE-2017-3157: Arbitrary file disclosure in Calc and Writer CVE-2017-9806: Out-of-Bounds Write in Writer's WW8Fonts Constructor
Оказываемое влияние ?	ACE [?] OSI [?] DoS [?]
Связанные продукты	Apache OpenOffice
CVE-IDS	CVE-2017-31574.3Warning CVE-2017-98066.8High
	Узнай статистику распространения уязвимостей в твоем регионе

KLA11148Multiple vulnerabilities in Apache OpenOffice