Описание
A file extension handling issue was found in [core] module of ONLYOFFICE DocumentServer v4.0.0-9-v5.6.3. An attacker must request the conversion of the crafted file from PPTT into PPTX format. Using the chain of two other bugs related to improper string handling, a remote attacker can obtain remote code execution on DocumentServer.
Ссылки
- Product
- ProductVendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- ExploitVendor Advisory
- Product
- ProductVendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- ExploitVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 4.0.0-9 (включая) до 5.6.3 (включая)
cpe:2.3:a:onlyoffice:document_server:*:*:*:*:*:*:*:*
EPSS
Процентиль: 88%
0.03615
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
github
больше 3 лет назад
A file extension handling issue was found in [core] module of ONLYOFFICE DocumentServer v4.0.0-9-v5.6.3. An attacker must request the conversion of the crafted file from PPTT into PPTX format. Using the chain of two other bugs related to improper string handling, a remote attacker can obtain remote code execution on DocumentServer.
EPSS
Процентиль: 88%
0.03615
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
NVD-CWE-noinfo