Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistApacheCVELIST:CVE-2017-3157
HistoryNov 19, 2017 - 12:00 a.m.

CVE-2017-3157

2017-11-1900:00:00
apache
www.cve.org
1

5.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.5%

JSON

By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user’s filesystem. Information could be retrieved by the attacker by, e.g., using hidden sections to store the information, tricking the user into saving the document and convincing the user to send the document back to the attacker. The vulnerability is mitigated by the need for the attacker to know the precise file path in the target system, and the need to trick the user into saving the document and sending it back.

CNA Affected

[
  {
    "product": "Apache OpenOffice",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "status": "affected",
        "version": "4.0.0 to 4.1.3, and some previous releases, including some using our old OpenOffice.org brand"
      }
    ]
  }
]

Related

nessus 17
redhat 2
centos 2
openvas 11
ubuntu 1
cve 1
oraclelinux 4
debiancve 1
ubuntucve 1
osv 2
redhatcve 1
nvd 1
veracode 1
debian 2
prion 1
kaspersky 1
threatpost 1
freebsd 1
nessus
nessus
Debian DSA-3792-1 : libreoffice - security update
2017-02-24 00:00:00
RHEL 7 : libreoffice (RHSA-2017:0914)
2017-04-13 00:00:00
Oracle Linux 7 : libreoffice (ELSA-2017-0914)
2017-04-13 00:00:00
redhat
redhat
(RHSA-2017:0979) Moderate: libreoffice security update
2017-04-18 02:49:39
(RHSA-2017:0914) Moderate: libreoffice security and bug fix update
2017-04-12 10:03:18
centos
centos
autocorr, libreoffice security update
2017-04-19 12:13:32
autocorr, libreoffice security update
2017-04-13 10:58:20
openvas
openvas
RedHat Update for libreoffice RHSA-2017:0979-01
2017-04-19 00:00:00
CentOS Update for autocorr-af CESA-2017:0914 centos7
2017-04-14 00:00:00
Debian: Security Advisory (DSA-3792-1)
2017-02-22 00:00:00
ubuntu
ubuntu
LibreOffice vulnerability
2017-02-23 00:00:00
cve
cve
CVE-2017-3157
2017-11-20 20:29:00
oraclelinux
oraclelinux
libreoffice security update
2017-04-18 00:00:00
libreoffice security and bug fix update
2017-08-07 00:00:00
libreoffice security and bug fix update
2017-04-12 00:00:00
debiancve
debiancve
CVE-2017-3157
2017-11-20 20:29:00
ubuntucve
ubuntucve
CVE-2017-3157
2017-02-22 00:00:00
osv
osv
libreoffice - security update
2017-02-23 00:00:00
libreoffice - security update
2017-04-23 00:00:00
redhatcve
redhatcve
CVE-2017-3157
2017-02-22 15:19:06
nvd
nvd
CVE-2017-3157
2017-11-20 20:29:00
veracode
veracode
Information Disclosure
2019-01-15 09:17:02
debian
debian
[SECURITY] [DSA 3792-1] libreoffice security update
2017-02-23 22:13:34
[SECURITY] [DLA 910-1] libreoffice security update
2017-04-23 21:49:14
prion
prion
Design/Logic Flaw
2017-11-20 20:29:00
kaspersky
kaspersky
KLA11148 Multiple vulnerabilities in Apache OpenOffice
2017-11-20 00:00:00
threatpost
threatpost
Apache OpenOffice Update Patches Four Vulnerabilities
2017-10-28 07:00:08
freebsd
freebsd
Apache OpenOffice -- multiple vulnerabilities
2016-09-11 00:00:00

5.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.5%

JSON
Related for CVELIST:CVE-2017-3157
nessus17redhat2centos2openvas11ubuntu1cve1oraclelinux4debiancve1ubuntucve1osv2redhatcve1nvd1veracode1debian2prion1kaspersky1threatpost1freebsd1