CVE-2018-10120
16.04.2018, 09:58
The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service (heap-based buffer overflow with write access) or possibly have unspecified other impact via a crafted document that contains a certain Microsoft Word record.Enginsight
Vendor | Product | Version |
---|---|---|
debian | debian_linux | 7.0 |
debian | debian_linux | 8.0 |
debian | debian_linux | 9.0 |
libreoffice | libreoffice | 𝑥 < 5.4.6.1 |
libreoffice | libreoffice | 6.0.0 ≤ 𝑥 < 6.0.2.1 |
redhat | enterprise_linux_desktop | 7.0 |
redhat | enterprise_linux_server | 7.0 |
redhat | enterprise_linux_workstation | 7.0 |
canonical | ubuntu_linux | 14.04 |
canonical | ubuntu_linux | 16.04 |
𝑥
= Vulnerable software versions

Debian Releases

Ubuntu Releases
References