KLA11148 Multiple vulnerabilities in Apache OpenOffice

Multiple serious vulnerabilities have been found in Apache OpenOffice. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensetive information. Below is a complete list of vulnerabilities:

1. An unspecified vulnerability in embedded object rendering process can be exploited remotely via crafted file to obtain sensetive information;
2. An Out-of-Bounds write vulnerability in OpenOffice Writer DOC file parcer and specifically in the WW8Fonts Constructor can be exploited remotely via crafted file to cause arbitrary code potentially resulting in arbitrary code execution.

Original advisories

CVE-2017-3157: Arbitrary file disclosure in Calc and Writer

CVE-2017-9806: Out-of-Bounds Write in Writer’s WW8Fonts Constructor

Related products

OpenOffice.org

CVE list

CVE-2017-3157 warning

CVE-2017-9806 high

Solution

Update to latest version

Apache OpenOffice download page

Impacts

• ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

• OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

• DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

• SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

Affected Products

• Apache OpenOffice earlier than 4.1.4