CVE-2017-14226CVE-2017-14226

Affected configuration(s):

cpe:/a:libreoffice:libreoffice:5.3.6
cpe:/a:libwpd:libwpd:0.10.1

Date published: 2017-09-09T04:29:00.240-04:00

Date last modified: 2017-09-21T10:28:37.853-04:00

CVSS Score: 5.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: https://bugs.documentfoundation.org/show_bug.cgi?id=112269

Summary: WP1StylesListener.cpp, WP5StylesListener.cpp, and WP42StylesListener.cpp in libwpd 0.10.1 mishandle iterators, which allows remote attackers to cause a denial of service (heap-based buffer over-read in the WPXTableList class in WPXTable.cpp). This vulnerability can be triggered in LibreOffice before 5.3.7. It may lead to suffering a remote attack against a LibreOffice application.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.