CVE-2025-64406

Опубликовано: 12 нояб. 2025

Источник: nvd

CVSS3: 4.3

EPSS Низкий

Описание

An out-of-bounds Write vulnerability in Apache OpenOffice could allow an attacker to craft a document that would crash the program, or otherwise corrupt other memory areas.

This issue affects Apache OpenOffice: through 4.1.15.

Users are recommended to upgrade to version 4.1.16, which fixes the issue.

Ссылки

https://lists.apache.org/thread/py89gpogxfb2yo9c5vwv2h9x3m85pfmm
Issue Tracking
Vendor Advisory
https://www.openoffice.org/security/cves/CVE-2025-64406.html
Vendor Advisory
http://www.openwall.com/lists/oss-security/2025/11/11/9
Mailing List
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*

Версия до 4.1.16 (исключая)

EPSS

Процентиль: 30%

0.00112

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-787

Связанные уязвимости

GHSA-fj59-gg5v-953f

CVSS3: 4.3

github

3 месяца назад

An out-of-bounds Write vulnerability in Apache OpenOffice could allow an attacker to craft a document that would crash the program, or otherwise corrupt other memory areas. This issue affects Apache OpenOffice: through 4.1.15. Users are recommended to upgrade to version 4.1.16, which fixes the issue.

BDU:2025-15435

CVSS3: 7.5

fstec