Lucene search

Kaspersky LabKLA15719

HistoryJul 22, 2022 - 12:00 a.m.

KLA15719 Multiple vulnerabilities in OpenOffice

2022-07-2200:00:00

Kaspersky Lab

threats.kaspersky.com

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

9.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

33.5%

JSON

Security vulnerabilities were found in OpenOffice. Malicious users can exploit this vulnerability to bypass security restrictions.

Original advisories

CVE-2022-37401

CVE-2022-37400

Related products

OpenOffice.org

CVE list

CVE-2022-37401 critical

CVE-2022-37400 critical

Solution

Update to the latest version

Download OpenOffice

Impacts

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

Affected Products

OpenOffice earlier than 4.1.13

References

statistics.securelist.com/

threats.kaspersky.com/en/product/OpenOffice.org/

www.openoffice.org/security/cves/CVE-2022-37400.html

www.openoffice.org/security/cves/CVE-2022-37401.html

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

9.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

33.5%

JSON

Related for KLA15719