Описание
The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service (heap-based buffer overflow with write access) or possibly have unspecified other impact via a crafted document that contains a certain Microsoft Word record.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 1:5.4.6-0ubuntu0.17.10.1 |
| bionic | not-affected | 1:6.0.3-0ubuntu1 |
| cosmic | not-affected | 1:6.0.3-0ubuntu1 |
| devel | not-affected | 1:6.0.3-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1:4.2.8-0ubuntu5.5]] |
| precise/esm | DNE | |
| trusty | released | 1:4.2.8-0ubuntu5.5 |
| trusty/esm | DNE | trusty was released [1:4.2.8-0ubuntu5.5] |
| upstream | needs-triage | |
| xenial | released | 1:5.1.6~rc2-0ubuntu1~xenial6 |
Показывать по
Ссылки на источники
6.8 Medium
CVSS2
7.8 High
CVSS3
Связанные уязвимости
The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service (heap-based buffer overflow with write access) or possibly have unspecified other impact via a crafted document that contains a certain Microsoft Word record.
The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service (heap-based buffer overflow with write access) or possibly have unspecified other impact via a crafted document that contains a certain Microsoft Word record.
The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx ...
The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service (heap-based buffer overflow with write access) or possibly have unspecified other impact via a crafted document that contains a certain Microsoft Word record.
Уязвимость функции SwCTBWrapper :: Read пакета офисных программ LibreOffice, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
6.8 Medium
CVSS2
7.8 High
CVSS3