Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-10119

Опубликовано: 16 апр. 2018
Источник: ubuntu
Приоритет: low
CVSS2: 6.8
CVSS3: 7.8

Описание

sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted document that uses the structured storage ole2 wrapper file format.

РелизСтатусПримечание
artful

not-affected

1:5.4.6-0ubuntu0.17.10.1
bionic

not-affected

1:6.0.3-0ubuntu1
cosmic

not-affected

1:6.0.3-0ubuntu1
devel

not-affected

1:6.0.3-0ubuntu1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [1:4.2.8-0ubuntu5.5]]
precise/esm

DNE

trusty

released

1:4.2.8-0ubuntu5.5
trusty/esm

DNE

trusty was released [1:4.2.8-0ubuntu5.5]
upstream

needs-triage

xenial

released

1:5.1.6~rc2-0ubuntu1~xenial6

Показывать по

Ссылки на источники

6.8 Medium

CVSS2

7.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-10119

CVSS3: 6.6
redhat
около 8 лет назад

sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted document that uses the structured storage ole2 wrapper file format.

nvd логотип

CVE-2018-10119

CVSS3: 7.8
nvd
почти 8 лет назад

sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted document that uses the structured storage ole2 wrapper file format.

debian логотип

CVE-2018-10119

CVSS3: 7.8
debian
почти 8 лет назад

sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x b ...

github логотип

GHSA-4wrw-jm7c-gf3x

CVSS3: 7.8
github
больше 3 лет назад

sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted document that uses the structured storage ole2 wrapper file format.

fstec логотип

BDU:2019-00715

CVSS3: 3.3
fstec
почти 8 лет назад

Уязвимость функции SwCTBWrapper :: Read пакета офисных программ LibreOffice, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании

6.8 Medium

CVSS2

7.8 High

CVSS3