Vulnerability CVE-2017-12608: Information

Description

A vulnerability in Apache OpenOffice Writer DOC file parser before 4.1.4, and specifically in ImportOldFormatStyles, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2017-12608

Published: Nov. 20, 2017

Modified: Feb. 7, 2022

Error type identifier: CWE-787

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
LibreOffice4	c7	4.2-alt2.M70C.6	4.2-alt2.M70C.6	ALT-PU-2018-1132-1	200206	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
https://www.openoffice.org/security/cves/CVE-2017-12608.html	Release Notes Vendor Advisory
DSA-4022	Third Party Advisory
1039735	Third Party Advisory VDB Entry
1039733	Third Party Advisory VDB Entry
101585	Third Party Advisory VDB Entry
[debian-lts-announce] 20171220 [SECURITY] [DLA 1214-1] libreoffice security update	Third Party Advisory

Affected configurations:
1. Configuration 1
  cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*
  End excliding
  4.1.4
  
  Configuration 2
  cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Version: v24.5.2

Vulnerability CVE-2017-12608: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Configuration 1

Configuration 2